Wei Jin logow..exe complete cleanup techniques original

The logocmd.exe file is located in the nearest computer.
Run the following file first Copy codeThe Code is as follows: @ echo off
If exist % windir % \ rundl132.exe echo found Weijin!
Pause
Taskkill/f/im rundl132.exe
Taskkill/f/im logo_1.exe
Taskkill/f/im logow..exe
Taskkill/f/im Ravmon.exe
Taskkill/f/im Eghost.exe
Taskkill/f/im Mailmon.exe
Taskkill/f/im KAVPFW. EXE
Taskkill/f/im IPARMOR. EXE
Taskkill/f/im Ravmond.exe
Taskkill/f/im 0sy.exe
Taskkill/f/im 1sy.exe
Taskkill/f/im 2sy.exe
Taskkill/f/im 3sy.exe
Taskkill/f/im 4sy.exe
Taskkill/f/im 5sy.exe
Taskkill/f/im 6sy.exe
Taskkill/f/im 7sy.exe
Taskkill/f/im 8sy.exe
Taskkill/f/im 9sy.exe
Taskkill/f/im 10sy.exe
Taskkill/f/im 11sy.exe
Taskkill/f/im 12sy.exe
Taskkill/f/im 13sy.exe
Taskkill/f/im 15sy.exe
Taskkill/f/im 25sy.exe

: The virus process is ended.

Attrib % windir % \ logow..exe-s-r-h
Attrib % windir % \ rundl132.exe-s-r-h
Attrib % windir % \ 0Sy.exe-s-r-h
Attrib % windir % \ vDll. dll-s-r-h
Attrib % windir % \ 1Sy.exe-s-r-h
Attrib % windir % \ 2Sy.exe-s-r-h
Attrib % windir % \ rundll32.exe-s-r-h
Attrib % windir % \ 3Sy.exe-s-r-h
Attrib % windir % \ 5Sy.exe-s-r-h
Attrib % windir % \ 1.com-s-r-h
Attrib % windir % \ exerouter.exe-s-r-h
Attrib % windir % \ EXP10RER.com-s-r-h
Attrib % windir % \ finders.com-s-r-h
Attrib % windir % \ Shell. sys-s-r-h
Attrib % windir % \ kill.exe-s-r-h
Attrib % windir % \ sws. dll-s-r-h
Attrib % windir % \ sws32.dll-s-r-h
Attrib % windir % \ uninstall \ rundl132.exe-s-r-h
Attrib c: \ windows \ SVCHOST.exe-s-r-h
Attrib c: \ windows \ WINLOGON.exe-s-r-h
Attrib c: \ windows \ RUNDLL32.EXE-s-r-h
Attrib C: \ "Program Files" \ svchost.exe-s-r-h
Attrib C: \ "Program Files" \ "Internet Explorer" \ svchost.exe-s-r-h
Attrib % windir % \ Download \ svchost.exe-s-r-h
Attrib % windir % \ system32 \ wldll. dll-s-r-h
Attrib c: \ windows \ system32 \ Microsoft \ svchost.exe-s-r-h

Del/f/s/q/a % systemdrive % \ rundl132.exe
Del/f/s/q/a % systemdrive % \ rundll32.exe
Del/f/s/q/a % systemdrive % \ Dll. dll
Del/f/s/q/a % systemdrive % \ vdll. dll
Del/f/s/q/a % systemdrive % \ logo_1.exe
Del/f/s/q/a % systemdrive % \ logocmd.exe
Del/f/s/q/a % systemdrive % \ Logo1.exe
Del/f/s/q/a % systemdrive % \? Sy.exe
Del/f/s/q/a % windir % \ logocmd.exe
Del/f/s/q/a % windir % \ rundl132.exe
Del/f/s/q/a % windir % \ 0Sy.exe
Del/f/s/q/a % windir % \ vDll. dll
Del/f/s/q/a % windir % \ 1Sy.exe
Del/f/s/q/a % windir % \ 2Sy.exe
Del/f/s/q/a % windir % \ rundll32.exe
Del/f/s/q/a % windir % \ 3Sy.exe
Del/f/s/q/a % windir % \ 5Sy.exe
Del/f/s/q/a % windir % \ 1.com
Del/f/s/q/a % windir % \ exerouter.exe
Del/f/s/q/a % windir % \ EXP10RER.com
Del/f/s/q/a % windir % \ finders.com
Del/f/s/q/a % windir % \ Shell. sys
Del/f/s/q/a % windir % \ kill.exe
Del/f/s/q/a % windir % \ sws. dll
Del/f/s/q/a % windir % \ sws32.dll
Del/f/s/q/a % windir % \ uninstall \ rundl132.exe
Del/f/s/q/a c: \ windows \ SVCHOST.exe
Del/f/s/q/a c: \ windows \ WINLOGON.exe
Del/f/s/q/a c: \ windows \ RUNDLL32.EXE
Del/f/s/q/a C: \ "Program Files" \ svchost.exe
Del/f/s/q/a C: \ "Program Files" \ "Internet Explorer" \ svchost.exe
Del/f/s/q/a c: \ windows \ Download \ svchost.exe
Del/f/s/q/a c: \ windows \ system32 \ Microsoft \ svchost.exe
Del/f/s/q/a c: \ windows \ system32 \ wldll. dll
Del/f/s/q/a c: \ _ desktop. ini
Del/f/s/q/a d: \ _ desktop. ini
Del/f/s/q/a e: \ _ desktop. ini
Del/f/s/q/a f: \ _ desktop. ini

: Delete Virus-related files.

Net share c $/del
Net share d $/del
Net share e $/del
Net share f $/del
Net share admin $/del
Net share ipc $/del
Pause
Taskkill/f/im conime.exe
Exit

The provided files include: execute the following command to KillLogo1.bat Logo1 to immune the patch. bat to ban the running of logo1.exe virus. reg
Download this file
Most important:
What this trojan hates is that, even if the system is redone, the virus still exists. It will combine all the exe files in the hard disk with the virus file into a file, it also runs when you run other executable files. so when you see that your original file icon is changed, it means you are lucky. However, if you look at it, you can easily solve it.
Upgrade your anti-virus software to the latest version. You can find out what is in this file. I used rising to update it to 12.1.
1. Operating System Security Mode: Press F8 at system startup to enter security mode, because entering security mode can load the least processes and effectively prevent virus running,
2. Enable anti-virus software to scan and kill the files. If you have a large number of executable files in the exe file on your hard disk, it will be very slow, but there is no way, it will be so painful.