Doina.29715 removal guide

The Doina.29715 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Doina.29715 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
At least one process apparently crashed during execution
Reads data out of its own binary image
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Doina.29715?


File Info:
name: 99DC4702BD1415EC6AA1.mlw
path: /opt/CAPEv2/storage/binaries/bbc8c497434100fc6ec901ff858b05f73b5ad0347b4d39bb77805710312935e3
crc32: 734A06BB
md5: 99dc4702bd1415ec6aa1fda40d26c6bc
sha1: 030303ac67fb85d9856ef59f671f7e48453bf670
sha256: bbc8c497434100fc6ec901ff858b05f73b5ad0347b4d39bb77805710312935e3
sha512: ea8694ed22105baea2359035484adafd997a138b1676feb108dbee8903a7bf59bb54c987117b9167473d6d4be8c3cda589ffdac15942f4a5b70c77d8b076a8cc
ssdeep: 393216:mAxOAI8M4qBgjT39PljV5L1fMwDK3ZPI0b2yvKnBn:mAxOAvzqBaTNF1Ewe3ZPTtg
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1C7E63343FD4211E8ED37697A2468F26F418406FDD81ACCA2FAB8DF7EA032711DD16265
sha3_384: e47cae12448655fbfd5658979bf3c52e92055c57027e3f09265f17f5172e1f852f6d723286097e4c2f8c28d811d9601b
ep_bytes: 5589e583ec18c745f4ff000000c705e0
timestamp: 2021-12-02 18:26:35

Version Info:
0: [No Data]

Doina.29715 also known as:

Lionic	Trojan.Win32.Agent.l!c
MicroWorld-eScan	Gen:Variant.Doina.29715
FireEye	Gen:Variant.Doina.29715
ALYac	Gen:Variant.Doina.29715
Zillya	Trojan.Agent.Win32.2581704
Alibaba	Ransom:Win32/RansomX.eaaf08d4
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Kaspersky	HEUR:Trojan-Spy.Win32.Agent.gen
BitDefender	Gen:Variant.Doina.29715
Avast	Win32:RansomX-gen [Ransom]
Ad-Aware	Gen:Variant.Doina.29715
Sophos	Mal/Generic-S
TrendMicro	TROJ_GEN.R002C0WL921
McAfee-GW-Edition	BehavesLike.Win32.Dropper.tc
Emsisoft	Gen:Variant.Doina.29715 (B)
Ikarus	Trojan.Spy.Agent
GData	Win32.Trojan-Stealer.Cordimik.45REX5
Jiangmin	TrojanSpy.Agent.affa
Avira	TR/Spy.Agent.apiso
Arcabit	Trojan.Doina.D7413
Microsoft	Trojan:Win32/Sabsik.TE.B!ml
AhnLab-V3	Dropper/Win.Generic.R456224
McAfee	GenericRXAA-AA!99DC4702BD14
MAX	malware (ai score=85)
VBA32	BScope.TrojanRansom.Gen
TrendMicro-HouseCall	TROJ_GEN.R002C0WL921
Fortinet	W32/PossibleThreat
AVG	Win32:RansomX-gen [Ransom]
Panda	Trj/CI.A

How to remove Doina.29715?

Doina.29715 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X