Trojan.Generic.12199720 removal guide

The Trojan.Generic.12199720 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Generic.12199720 virus can do?

At least one IP Address, Domain, or File Name was found in a crypto call
Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Sniffs keystrokes
Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Trojan.Generic.12199720?


File Info:
crc32: 952ACF05
md5: 24b316c9e346db036c1b17cf8911db79
name: This.War.of.Mine.All.Versions.tr4-XiaoXing.exe
sha1: d12ecd7c09a4d51cfe7531b4b343a7a6b73e0274
sha256: ac7dc73a46ef84787707cf27eeed185b5dbb1ce36e97dd723a68cf4aead7e565
sha512: 5932c2516e01b020522d6f7fad2dd2a59c499491faf63cfd49d906a3b91fc0a9366eb7f4bd5f7b3e4a547a0d28c0deb73483007349383445c02fd0f9906458ec
ssdeep: 6144:Opgocf4KQArIvg5oS7BQh7A5jymKWu0CNFM3PjoWaYA8MFnyFy+E3B+Ib9yx617H:OpT3KQCyV7CjymKxZCQ1Cy+a+FSbQ1C
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: @x5c0fx5e78x59d0(Sachiko) x7248x6743x6240x6709
FileVersion: 1.0.0.0
CompanyName: @x5c0fx5e78x59d0(Sachiko)
Comments: x5c0fx5e78x59d0x7684x5faex535a http://weibo.com/gggggg
ProductName: x8fd9x662fx6211x7684x6218x4e89 x4feex6539x5668
ProductVersion: 1.0.0.0
FileDescription: This War of Mine Trainer
Translation: 0x0804 0x04b0

Trojan.Generic.12199720 also known as:

Bkav	W32.AIDetectVM.malware
MicroWorld-eScan	Trojan.Generic.12199720
McAfee	GenericRXEU-WF!24B316C9E346
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
K7AntiVirus	Trojan ( 005246d51 )
BitDefender	Trojan.Generic.12199720
K7GW	Trojan ( 005246d51 )
CrowdStrike	win/malicious_confidence_90% (W)
Arcabit	Trojan.Generic.DBA2728
BitDefenderTheta	Gen:NN.ZexaF.34096.0q0@a8zXzckb
Cyren	W32/Agent.EW.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/FlyStudio.HackTool.A potentially unwanted
ClamAV	Win.Malware.Zusy-6840460-0
Kaspersky	Trojan-Spy.Win32.KeyLogger.bkzq
NANO-Antivirus	Trojan.Win32.FlyStudio.fccuhn
AegisLab	Trojan.Win32.Generic.4!c
Rising	Trojan.Wacatac!8.10C01 (CLOUD)
Endgame	malicious (high confidence)
Emsisoft	Trojan.Generic.12199720 (B)
Comodo	Worm.Win32.Dropper.RA@1qraug
F-Secure	Trojan:W32/DelfInject.R
Zillya	Trojan.Keylogger.Win32.10
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Generic.ch
SentinelOne	DFI – Malicious PE
Trapmine	suspicious.low.ml.score
FireEye	Generic.mg.24b316c9e346db03
Sophos	Generic PUA NB (PUA)
APEX	Malicious
F-Prot	W32/Agent.EW.gen!Eldorado
Jiangmin	Trojan.Generic.gfak
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/FlyStudio_HackTool.A!tr
Antiy-AVL	Trojan/Win32.TSGeneric
Microsoft	Trojan:Win32/Occamy.C
ZoneAlarm	Trojan-Spy.Win32.KeyLogger.bkzq
Acronis	suspicious
VBA32	BScope.Trojan.Orsam
ALYac	Trojan.Generic.12199720
MAX	malware (ai score=81)
Ad-Aware	Trojan.Generic.12199720
Panda	Trj/GdSda.A
Tencent	Win32.Trojan-spy.Keylogger.Hrpb
Ikarus	Trojan-PSW.QQTen
GData	Win32.Application.FlyStudio.F
Webroot	Pua.Gen
Cybereason	malicious.9e346d

How to remove Trojan.Generic.12199720?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Trojan.Generic.12199720 removal guide