Sunday, January 29, 2012

Remove Trojan:Win32/Anomaly.gen!A according to the outcome of its payload research

Trojan:Win32/Anomaly.gen!A applies to the technology of analyzing behavior associated with concealing actual functionality of downloaded content. There are no restrictions to the way of such content introduction. Viral type of introduction, trojan and worm infiltration routines are compatible with the definition.
The name is commonly used by Microsoft security tool when the object is encrypted, compressed, protected against debugging and emulation. Removal of Trojan:Win32/Anomaly.gen!A detection is subject to in-depth examination of the suspicious object.
Free scanner available here has in its disposal advanced routines to recognize implicit payloads. It is strongly recommended to get rid of Trojan:Win32/Anomaly.gen!A using the solution available above. 





Trojan:Win32/Anomaly.gen!A manual removal guide:
Delete infected files:
%System%\iebtmm.exe
%System%\sdra64.exe
%System%\svcroot.exe
%System%\wcm.exe
%Temp%\bifrost.exe
%Temp%\svchost.exe
%Temp%\vip.exe
%Windir%\svchost.exe
Delete infected registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\random keys
 Rename the remover to "explorer.exe" or try to install from Safe Mode if virus blocks download\installation

No comments: