How to remove "Dropped:Generic.Malware.S2!prn!.89F39BA9 (B)"?

The Dropped:Generic.Malware.S2!prn!.89F39BA9 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Dropped:Generic.Malware.S2!prn!.89F39BA9 (B) virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Unconventionial language used in binary resources: Chinese (Simplified)
Creates an autorun.inf file
Authenticode signature is invalid
Installs itself for autorun at Windows startup
Creates a copy of itself
Attempts to disable UAC
Attempts to modify UAC prompt behavior
Anomalous binary characteristics

How to determine Dropped:Generic.Malware.S2!prn!.89F39BA9 (B)?


File Info:
name: 3AAE02BEA85010BBFC11.mlw
path: /opt/CAPEv2/storage/binaries/0ae4906f9f927b7d272c30cc1c00762f48a2790881556e210d426ef004713806
crc32: 03CFD181
md5: 3aae02bea85010bbfc11701135b7e169
sha1: 9f39d79554e1e4e8a4744d8e0c4bb37e0f1043e2
sha256: 0ae4906f9f927b7d272c30cc1c00762f48a2790881556e210d426ef004713806
sha512: 947fd248acff5cdb2ed4823cf4009849d9e9c5758bf04079e547581d1453660c13641c31224f6a4c403797cfe2ffd6ea995388562d79ef71d782ba12c916bb04
ssdeep: 12288:6mkgomkgomkgomkgomkgomkgomkgomkgomkgomkgomkgomkgomkgomkgomkgomk6:bVVVVVVVVVVVVVVVp
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T160957C2131C4C072E29216348976DBB24A2EFC760F7669C73BD8467A5E783D28B35397
sha3_384: 20df47ff75e1fd1f328c274a30b8c2fa5bfa2f49f124868ce1b3748c34dd951b400a0c4e92076cdafb64ae96b751e0ae
ep_bytes: e8a55f0000e989feffffff3500f24100
timestamp: 2021-01-25 08:06:55

Version Info:
CompanyName: Microsoft
FileDescription: Microsoft EXE
FileVersion: 10.19042.746.1
InternalName: MS.exe
LegalCopyright: Copyright (C) 2021
OriginalFilename: Microsoft.exe
ProductName: Microsoft Windows
ProductVersion: 10.19042.746.1
Translation: 0x0809 0x04b0

Dropped:Generic.Malware.S2!prn!.89F39BA9 (B) also known as:

Elastic	malicious (high confidence)
DrWeb	Trojan.Encoder.34268
MicroWorld-eScan	Dropped:Generic.Malware.S2!prn!.89F39BA9
FireEye	Generic.mg.3aae02bea85010bb
ALYac	Dropped:Generic.Malware.S2!prn!.89F39BA9
Cylance	Unsafe
VIPRE	BehavesLike.Win32.Malware.tsc (mx-v)
K7AntiVirus	Riskware ( 0040eff71 )
BitDefender	Dropped:Generic.Malware.S2!prn!.89F39BA9
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.ea8501
BitDefenderTheta	AI:Packer.AE12D8BE1F
Cyren	W32/Agent.DIM.gen!Eldorado
ESET-NOD32	a variant of Win32/Agent.OIJ
Kaspersky	UDS:Worm.Win32.Generic
NANO-Antivirus	Virus.Win32.Gen.ccmw
Tencent	Trojan.Win32.BitCoinMiner.la
Ad-Aware	Dropped:Generic.Malware.S2!prn!.89F39BA9
Emsisoft	Dropped:Generic.Malware.S2!prn!.89F39BA9 (B)
Zillya	Worm.Generic.Win32.2
McAfee-GW-Edition	BehavesLike.Win32.Generic.th
Sophos	ML/PE-A + Mal/Behav-421
GData	Dropped:Generic.Malware.S2!prn!.89F39BA9
Jiangmin	Worm.Generic.aqtf
Avira	WORM/Agent.sexgq
Antiy-AVL	Trojan/Generic.ASMalwS.34785CA
Arcabit	Generic.Malware.S2!prn!.89F39BA9
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Sabsik.R438811
McAfee	GenericRXAA-AA!3AAE02BEA850
MAX	malware (ai score=88)
VBA32	BScope.Trojan.Encoder
Malwarebytes	Trojan.FakeMS.Gen
APEX	Malicious
SentinelOne	Static AI – Suspicious PE
eGambit	Unsafe.AI_Score_97%
Fortinet	W32/Agent.OIJ!worm
AVG	Win32:WormX-gen [Wrm]
Avast	Win32:WormX-gen [Wrm]
CrowdStrike	win/malicious_confidence_80% (D)