Remove Wekode. Description and removal instructions

Title: Wekode
Type: Worms	Severity scale: (30 / 100)

Wekode is a relatively harmless worm written in Visual Basic Script. It spreads through removable media and network shares. It also copies itself to local drives. The parasite's only functions are propagating and changing Internet Explorer window titles. It does not carry any destructive payload. Wekode automatically runs on every Windows startup.

FORUM:
Discuss Wekode in
spyware removal forum

Related files: kernel32.dll.vbs, autorun.inf

Wekode properties:
• Hides from the user
• Stays resident in background

Automatic Wekode removal:

remover for Wekode

Wekode manual removal:

Delete registry values:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\kernel32
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title="Hacked by 8BITS"

HELP:
how to remove registry entries

Delete files:
kernel32.dll.vbs, autorun.inf

HELP:
how to remove harmful files

Misc:
Exact file location:
autorun.inf - the root of local drives; removable media; network shares
kernel32.dll.vbs - C:\WINDOWS\System32 or C:\WINNT\System32; the root of local drives; removable media; network shares

Other programs to remove Wekode:

• SUPERAntiSpyware - Review - Download
• CounterSpy - Review - Download
• Windows Defender - Review - Download

Information added: 21/12/07
Information updated: 21/12/07

Additional resources related to Wekode:

Attention: If you know or you have a website or page about Wekode removal, feel free to add a link to this list: add url

more resources

Post Comment:

Attention: Use this form only if you have additional information about Wekode parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.