Troj/AutoG-CR removal tips

Troj/AutoG-CR is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Troj/AutoG-CR virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Authenticode signature is invalid

How to identify Troj/AutoG-CR?

File Info:

name: 006DE3647DFF8A962B8B.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2009-09-10 01:45:43

Version Info:

FileDescription: Uninstall Receitanet 1.07
OriginalFilename: Desinstalador.exe
Translation: 0x0409 0x04b0

Troj/AutoG-CR also known as:

Bkav: W32.AIDetect.malware2
FireEye: Generic.mg.006de3647dff8a96
Cylance: Unsafe
Zillya: Adware.OutBrowse.Win32.80942
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Malware:Win32/km_28bac3.None
K7GW: Riskware ( 0040eff71 )
Cyren: W32/S-df2e7675!Eldorado
Elastic: malicious (high confidence)
Paloalto: generic.ml
Avast: Win32:Evo-gen [Susp]
Emsisoft: Application.Generic (A)
McAfee-GW-Edition: BehavesLike.Win32.Trojan.wh
Trapmine: malicious.moderate.ml.score
Sophos: Troj/AutoG-CR
Ikarus: Trojan.Patched
Avira: TR/Patched.Ren.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.3C54
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 99)
McAfee: Artemis!006DE3647DFF
VBA32: Trojan.MulDrop
Malwarebytes: Generic.Trojan.Banker.DDS
APEX: Malicious
Rising: Trojan.Generic@AI.94 (RDMK:D0Xddc2BMm86IvEc7ffQxg)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.11973.susgen
Fortinet: W32/GenericKD.F309!tr
AVG: Win32:Evo-gen [Susp]
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Troj/AutoG-CR?

Troj/AutoG-CR removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
