Monday, October 10, 2011

Remove Gen:Trojan.Heur.RP.amgfa46h

Remove Gen:Trojan.Heur.RP.amgfa46h
Gen:Trojan.Heur.RP.amgfa46h is a Trojan downloader that will harm the computer seriously. Gen:Trojan.Heur.RP.amgfa46h always spread itself through shortened URLs on Twitter messages to report breaking news about the VB International Conference. Gen:Trojan.Heur.RP. amgfa46h can produce fake computer security system notifications and irritating pop ups. Gen:Trojan.Heur.RP.amgfa46h is distributed via e-mail and Active-x objects. Gen:Trojan.Heur.RP.amgfa46h has its own SMTP engine that gathers e-mail from your local computer and re-distributes itself. Gen:Trojan.Heur.RP.amgfa46h is infected through VB2011.exe and installs in svchost.exe process and attempts to download another file named Installation.exe. Once infected with Gen:Trojan.Heur.RP.amgfa46h, the installer cannot be removed and it connects to additional malware-hosting websites so that to download and install other malicious files on the infected computers. Upon installation, Gen:Trojan.Heur.RP.amgfa46h opens gameware, adware and porn web pages in the Internet Explorer as well as creates desktop shortcuts that link to these websites. All of us should be careful when we click on shortened URLs in Twitter, especially if the message is related to the VB International Conference. If the computer has been infected with Gen:Trojan.Heur.RP.amgfa46h, delete it by using a powerful and reputable antivirus.

Gen:Trojan.Heur.RP.amgfa46h can be removed by stopping the processes and removing the files by using Emsisoft HiJackFree. Then the user should remove the registry entries added or modified by Gen:Trojan.Heur.RP.amgfa46h shown in the removal guide below. All files related to Gen:Trojan.Heur.RP.amgfa46h must be deleted.

Gen:Trojan.Heur.RP.amgfa46h should be removed immediately.

Gen:Trojan.Heur.RP.amgfa46h Removal Guide
Kill Process
(How to kill a process effectively?)
Gen:Trojan.Heur.RP.amgfa46h.exe

Delete Registry
HKEY_CURRENT_USER\Software\13376694984709702142491016734454
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “13376694984709702142491016734454"

Remove Folders and Files
%Program Files%\Gen:Trojan.Heur.RP.amgfa46h
%UserProfile%\Desktop\Gen:Trojan.Heur.RP.amgfa46h.lnk
%UserProfile%\Start Menu\Gen:Trojan.Heur.RP.amgfa46h
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Gen:Trojan.Heur.RP.amgfa46h.lnk

No comments:

Post a Comment