How to remove "AIT:Trojan.Nymeria.4934"?

The AIT:Trojan.Nymeria.4934 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What AIT:Trojan.Nymeria.4934 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Yara rule detections observed from a process memory dump/dropped files/CAPE
Dynamic (imported) function loading detected
Performs HTTP requests potentially not found in PCAP.
DNS query to a paste site or service detected
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Authenticode signature is invalid
Attempts to modify proxy settings
Harvests cookies for information gathering
Created network traffic indicative of malicious activity

Related domains:

wpad.local-net

yip.su

rentry.co

How to determine AIT:Trojan.Nymeria.4934?


File Info:
name: E55400D72C4461970981.mlw
path: /opt/CAPEv2/storage/binaries/d5347444daec327998766c3d52eb6a52ca469410511a3700e6e4a600b8c337a2
crc32: 519B4CD1
md5: e55400d72c446197098177f6c5d03026
sha1: fd3fc96ca38a29eac8c4ba24e56626f5cf136211
sha256: d5347444daec327998766c3d52eb6a52ca469410511a3700e6e4a600b8c337a2
sha512: 2fffb352e98064546a640f63e84569af8e0cb159489050e85349d74a13299ba967f89b8ab56ea92efd0972e49e3f1bec81bbcdc703276d3c41545a21c282b17b
ssdeep: 12288:H5m8ZlWk6VT6qIm9qCZb5rTa8kdVXpPWw1xKOD/oILuQNU:QO+DD9qCZb5rTa8UPPJKI/oILC
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T19DC4229595E8A971D26827B1C832CE885DE43931EF80397C6B58F14DB830743DDABF1A
sha3_384: 606578863ed1236b558e9016a14ac25e2aca2e3731c661a93c4524b2125bc1bb8b937ad543a0d3bae10cd0f0acfc66d2
ep_bytes: 53565755488d353514faff488dbe0010
timestamp: 2021-11-23 10:07:54

Version Info:
FileVersion: 2.0.0.6
Comments: Sys
FileDescription: Sys
ProductName: Sys
ProductVersion: 3.3.14.5
CompanyName: Sys
LegalCopyright: Sys
LegalTradeMarks: Sys
Translation: 0x0809 0x04b0

AIT:Trojan.Nymeria.4934 also known as:

Lionic	Trojan.Script.Kpavtoit.b!c
MicroWorld-eScan	AIT:Trojan.Nymeria.4934
FireEye	AIT:Trojan.Nymeria.4934
CAT-QuickHeal	Trojandropper.Script
McAfee	Artemis!E55400D72C44
K7AntiVirus	Trojan ( 005850dc1 )
Alibaba	TrojanDropper:Script/Kpavtoit.5febed44
K7GW	Trojan ( 005850dc1 )
Cybereason	malicious.ca38a2
Symantec	Trojan.Gen.MBT
ESET-NOD32	multiple detections
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Dropper.Razy-6646749-0
Kaspersky	HEUR:Trojan-Dropper.Script.Kpavtoit.gen
BitDefender	AIT:Trojan.Nymeria.4934
Avast	AutoIt:Obfuscated-A [Cryp]
Tencent	Win32.Trojan.Nymeria.Ajbg
Ad-Aware	AIT:Trojan.Nymeria.4934
Sophos	Mal/Generic-S
TrendMicro	TROJ_GEN.R002C0PKQ21
McAfee-GW-Edition	BehavesLike.Win64.Injector.hc
Emsisoft	AIT:Trojan.Nymeria.4934 (B)
Ikarus	Trojan-Downloader.Win32.AutoIt
GData	AIT:Trojan.Nymeria.4934 (2x)
Jiangmin	Trojan.IRCBot.wp
Avira	TR/Dldr.Autoit.bzhdn
Gridinsoft	Ransom.Win64.Sabsik.sa
Arcabit	AIT:Trojan.Nymeria.D1346
ViRobot	Trojan.Win32.Z.Nymeria.556544.A
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.R438925
ALYac	AIT:Trojan.Nymeria.4934
MAX	malware (ai score=80)
TrendMicro-HouseCall	TROJ_GEN.R002C0PKQ21
Fortinet	AutoIt/Nymeria.4758!tr
AVG	AutoIt:Obfuscated-A [Cryp]

How to remove AIT:Trojan.Nymeria.4934?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

How to remove “AIT:Trojan.Nymeria.4934”?