How to remove “Trojan:Win32/Phonzy.A!ml”?

Trojan:Win32/Phonzy.A!ml is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Phonzy.A!ml virus do?

  • Unconventional language used in binary resources: Japanese
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan:Win32/Phonzy.A!ml?

File Info:

name: 1123E9EF5117163A89DA.mlw
path: /opt/CAPEv2/storage/binaries/69703ef0e6a0dff92ec48add43fc17d38245b0443c9f0e0f94d3b80e831175cf
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-11-27 07:14:53

Version Info:

CompanyName: SEIKO EPSON CORPORATION
FileDescription: EPSON Service Program
FileVersion: 1, 0, 3, 0
InternalName: ServProg
LegalCopyright: Copyright (C) 2014 SEIKO EPSON CORPORATION
OriginalFilename: ServProg.exe
ProductName: EPSON Service Program
ProductVersion: 1, 0, 3, 0
Translation: 0x0409 0x04b0

Trojan:Win32/Phonzy.A!ml is also known as:

Bkav            W32.Common.EAE31E32
Lionic          Trojan.Win32.Skillis.4!c
FireEye         Generic.mg.1123e9ef5117163a
Skyhigh         Artemis
McAfee          Artemis!1123E9EF5117
Cylance         unsafe
Cybereason      malicious.a689f8
Symantec        ML.Attribute.HighConfidence
APEX            Malicious
TACHYON         Trojan/W32.Skillis.2183168.D
Google          Detected
Antiy-AVL       Trojan/Win32.Skillis
Microsoft       Trojan:Win32/Phonzy.A!ml
VBA32           Trojan.Skillis
Malwarebytes    Generic.Malware/Suspicious
Panda           Trj/GdSda.A
Rising          Trojan.Skillis!8.353 (TFE:5:GOUZ5PqQxcF)
Yandex          Trojan.GenAsa!o7YGF4nTr4w
Ikarus          Trojan.SuspectCRC
DeepInstinct    MALICIOUS
CrowdStrike     win/malicious_confidence_70% (W)

How to remove Trojan:Win32/Phonzy.A!ml?

Trojan:Win32/Phonzy.A!ml removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
