Trojan horse Downloader.Generic13 Payloads
- Enumerates drivers related to security services and background processes in order to disable automatic removal and to call services for its own tasks.
- Modifies DNS settings and uses seldom-used ports to reach a designated site for downloading viruses.
- Opens a backdoor, invisible to the PC's user, for its cooperators to exploit.
Trojan horse Downloader.Generic13 Damages
Its random modifications and further injection of unknown items lead to the following issues:
- Additional infections such as JS:ScriptIP-inf [Trj] and the Win32/Patched rpcss.dll virus can be detected soon after its infiltration.
- The computer freezes when trying to update some installed security utilities.
- Everything stops responding except the mouse.
- Task Manager is disabled and will not respond.
Steps to Remove Trojan horse Downloader.Generic13
1. Turn off the System Restore function, because Trojan horse Downloader.Generic13 can inject its malicious code into every detected restore point and restore itself automatically after an incomplete removal.
2. Enter Safe Mode, run a full scan with an anti-virus program, and note down the path name that points to Trojan horse Downloader.Generic13.
Windows 7/Vista/XP
Restart the affected computer > keep tapping on “F8 key” when the computer is booting > select ‘Safe Mode’ on “Windows Advanced Options Menu” screen > press Enter key.
Windows 8
Restart the affected computer > hold the Shift button and keep tapping on the F8 key as the computer is booting > ‘See advanced repair options’ > ‘Troubleshoot’ > ‘Advanced Options’ > ‘Windows Startup Settings’ > ‘Restart’ button.
3. End the running processes related to Trojan horse Downloader.Generic13, using the path names shown in Task Manager and System Information respectively.
Access Task Manager > View > Select Columns > tick "PID" and "Path name" > open System Information > end the process whose path name points to Trojan horse Downloader.Generic13's path or to a path that doesn't belong to the system.
(Tip: find the services that point to Trojan horse Downloader.Generic13's path or to a path that doesn't belong to the system; they are needed in step 5.)
4. Unhide all hidden items and remove the items generated by Trojan horse Downloader.Generic13 from the local disk.
Windows 7/XP/Vista - Control Panel > User Accounts and Family Safety > Folder Options > View tab > tick ‘Show hidden files and folders’ > untick ‘Hide protected operating system files (Recommended)’ > OK button.
Windows 8 - Windows Explorer > View tab > tick ‘File name extensions’ and ‘Hidden items’ > OK button.
Access the detected path and remove all the items there.
Access C:\Windows, C:\Windows\System32, C:\windows\winstart.bat, C:\windows\wininit.ini and C:\windows\Autoexec.bat to remove all the files and folders detected on the date when Trojan horse Downloader.Generic13 was first found.
5. Access the registry database to remove the items generated by Trojan horse Downloader.Generic13.
- Press the Win key and R key together > type “regedit” > hit Enter key > remove the values under the following entries:
HKEY_CLASSES_ROOT\WindowFiles\Check_Associations
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\INTEXPLORE.pif\ToP
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\[random numbers and letters]
HKEY_CLASSES_ROOT\CLSID\{random numbers}\shell\OpenHomePage\Command
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
- Next, use the Ctrl+F key combination to enter the suspicious service detected in step 3 > hit the Find button > end the services found in the registry database.
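The checks in steps 3 to 5 can also be gathered in one read-only pass before anything is deleted. The PowerShell script below is an added example, not part of the original post; it assumes PowerShell 3.0 or later, and the `$FirstSeen` parameter and the `Test-OutsideTrusted` helper are names made up for illustration.

```powershell
# Added example: read-only triage for steps 3-5. It lists, it never deletes.
# Assumption: $FirstSeen is the date the scanner first reported the Trojan.
param([datetime]$FirstSeen = (Get-Date).Date)

# Folders treated as "belonging to the system" for the purpose of this listing.
$trusted = @($env:SystemRoot, $env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ }

# Hypothetical helper: true when $Path does not start with a trusted folder.
function Test-OutsideTrusted([string]$Path) {
    $clean = $Path.TrimStart('"')   # service paths are often quoted
    -not ($trusted | Where-Object {
        $clean.StartsWith($_, [StringComparison]::OrdinalIgnoreCase) })
}

'--- Step 3: processes running from outside the system folders'
Get-CimInstance Win32_Process |
    Where-Object { $_.ExecutablePath -and (Test-OutsideTrusted $_.ExecutablePath) } |
    Format-Table ProcessId, Name, ExecutablePath -AutoSize

'--- Step 3 tip: services whose binary is outside the system folders'
Get-CimInstance Win32_Service |
    Where-Object { $_.PathName -and (Test-OutsideTrusted $_.PathName) } |
    Format-Table Name, State, PathName -AutoSize

'--- Step 4: items in C:\Windows and System32 created on the detection date'
Get-ChildItem -LiteralPath $env:SystemRoot, "$env:SystemRoot\System32" -Force `
        -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime.Date -eq $FirstSeen.Date } |
    Format-Table FullName, CreationTime -AutoSize

'--- Step 5: values under the HKLM Run key'
$run = Get-Item -LiteralPath 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$run.GetValueNames() | ForEach-Object {
    [pscustomobject]@{ Name = $_; Data = $run.GetValue($_) }
} | Format-Table -AutoSize -Wrap

'--- Step 5: per-user Winlogon Shell value'
$key = 'HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$shell = (Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue).Shell
if ($shell) { "Shell = $shell" } else { 'Shell value is not set' }
```

The output is a review list only: entries under folders such as ProgramData or a user profile appear in it whether or not they are related to the Trojan, so compare them with the path noted in step 2.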
Note that the above instructions apply exclusively to Trojan horse Downloader.Generic13, as it is impossible to foresee which infection it will cooperate with and which virus will be able to find and exploit the backdoor/vulnerability opened by Trojan horse Downloader.Generic13. If additional infections are encountered, it is recommended to remove them all along with the downloader Trojan, or Trojan horse Downloader.Generic13 will persist in infiltrating the target machine. There is no universal instruction for removing any particular virus, including Trojan horse Downloader.Generic13, as a mutex can be generated for various system structures and OS versions, which is why computer skills and virus knowledge are required. But the instructions are definitely helpful.