The Trojan horse generic_r.CWM is another variation of the lethal Trojan horse infections that target Windows-based systems at random and sneak in without the user's permission. This dangerous worm spreads through P2P sharing, corrupt removable devices, and email storage devices. Once installed, the Trojan horse generic_r.CWM makes a number of changes inside the system without the user's consent and can cause permanent damage to some system resources. Besides creating malicious registry keys, this lethal Trojan infection can damage crucial system files. The malicious application starts automatically every time Windows boots. Online criminals use this dangerous parasite to access some of the user's most confidential details, such as logins, passwords, and financial credentials. All of this information is then used in fraud to steal the user's money.
The Manual Removal of Trojan horse generic_r.CWM
Once this infection is found in the system, you have to remove it urgently to minimize the loss. Both manual and automatic removal options are available. The steps of the manual removal method for the Trojan horse generic_r.CWM are as follows:
Change the Mode of Operation from Normal to Safe Mode
These lethal Trojan horse infections cannot be removed while the system runs in the normal mode of operation. To leave normal mode and boot into Safe Mode, restart the computer and press the F8 key repeatedly during the restart to reach the boot options menu. Select Safe Mode from the list of boot options and press the Enter key to boot the computer in Safe Mode.
End the Malicious Processes
Press the Ctrl+Alt+Delete keys together to open the Windows Task Manager, and click the Processes tab to see the list of running processes. End the following corrupt processes before closing the Task Manager:
- %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
Remove the Associated Data
Remove the following associated files, which are hidden deep in the system files folder, by selecting them and pressing the Delete key:
- %Desktopdir%\Trojan horse generic_r.CWM.lnk
- %Programs%\Trojan horse generic_r.CWM\Trojan horse generic_r.CWM.lnk
Reverse the Modification in the Windows Registry
Open the Registry Editor by running the “regedit.exe” command from the Run option on the Start menu. Once the Registry Editor is open, remove the following malicious entries to clean the Windows registry of the modifications created by the Trojan horse generic_r.CWM virus:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan horse generic_r.CWM\DisplayIcon %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe,0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan horse generic_r.CWM
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan horse generic_r.CWM\UninstallString “%AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe” -u
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\[RANDOM CHARACTERS] %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan horse generic_r.CWM\ShortcutPath “%AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe” -u
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Trojan horse generic_r.CWM\DisplayName Trojan horse generic_r.CWM
Close the Registry Editor and restart the computer in normal mode to see the effect of the changes you have made. Then update the current antivirus program and run a full system scan to remove the infections caused by this Trojan horse virus.
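Because the file and value names are random, the entries above have to be found by their shape rather than by name. The following read-only PowerShell audit is an added example, not part of the original removal guide: it lists running processes, HKCU RunOnce and Uninstall values, and Desktop and Programs shortcuts that point to an executable one folder below %AppData%. It assumes that %Desktopdir% and %Programs% on this page mean the current user's Desktop and Start Menu Programs folders, and the `Add-Finding` helper is a name made up for this example.

```powershell
# Read-only audit: reports candidates for review, deletes nothing.
# Pattern: <AppData>\<one folder>\<file>.exe, the layout listed on this page.
$appData = [regex]::Escape($env:APPDATA)
$pattern = "(?:$appData|%AppData%)\\[^\\""]+\\[^\\""]+\.exe"   # -match ignores case
$findings = New-Object System.Collections.Generic.List[object]

# Hypothetical helper: record an item only if its data matches the pattern.
function Add-Finding($where, $name, $data) {
    if ([string]$data -match $pattern) {
        $findings.Add([pscustomobject]@{ Location = $where; Name = $name; Data = [string]$data })
    }
}

# 1. Running processes whose image lives in the suspicious layout.
Get-Process | ForEach-Object { Add-Finding 'Process' $_.Name $_.Path }

# 2. HKCU RunOnce values (the autostart entry listed on this page).
$runOnce = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
if (Test-Path $runOnce) {
    $key = Get-Item $runOnce
    foreach ($name in $key.GetValueNames()) { Add-Finding $runOnce $name $key.GetValue($name) }
}

# 3. HKCU Uninstall subkeys: the three path-bearing values listed on this page.
$uninstall = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall'
if (Test-Path $uninstall) {
    foreach ($sub in Get-ChildItem $uninstall) {
        foreach ($name in 'DisplayIcon', 'UninstallString', 'ShortcutPath') {
            Add-Finding $sub.Name $name $sub.GetValue($name)   # missing value -> $null, no match
        }
    }
}

# 4. Shortcuts on the Desktop and in Start Menu\Programs (assumed meaning of
#    %Desktopdir% and %Programs%), resolved to their targets.
$shell = New-Object -ComObject WScript.Shell
foreach ($folder in 'Desktop', 'Programs') {
    $dir = [Environment]::GetFolderPath($folder)
    Get-ChildItem -Path $dir -Filter *.lnk -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object { Add-Finding $_.FullName 'TargetPath' $shell.CreateShortcut($_.FullName).TargetPath }
}

$findings | Format-List
```

Legitimate per-user applications also install under %AppData%, so each hit is a candidate to review against the entries listed above, not a confirmed infection.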