About "MemScan:Backdoor.Generic.755288" infection

The MemScan:Backdoor.Generic.755288 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What MemScan:Backdoor.Generic.755288 virus can do?

Creates RWX memory
Detected script timer window indicative of sleep style evasion
A process attempted to delay the analysis task.
Reads data out of its own binary image
Drops a binary and executes it
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
A scripting utility was executed
Uses Windows utilities for basic functionality
Deletes its original binary from disk
Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine MemScan:Backdoor.Generic.755288?


File Info:
crc32: 6F510C6C
md5: fa0ab9c168040d836ecee5e07e2f5d19
name: FA0AB9C168040D836ECEE5E07E2F5D19.mlw
sha1: aeaed9086882f0d0e1c087ad2a706466a174e396
sha256: 645f095d3d3e1c5b71bac97a7fe92451d904fab5e90bc25999763fc706dc34c3
sha512: 4dc3b58bc8bdbda008eb59173b1e9b7dacb359d0c2fc616823b411e18b05187cb5ff940f18be1bb28e79288f0c6c04b7de00c164cb9ce9d978361603784703a7
ssdeep: 6144:ouIlWqB+ihabs7Ch9KwyF5LeLodp2D1Mmakda0qLMw7Z04P3dkJHj:T6Wq4aaE6KwyF5L0Y2D1PqL/Ft0Hj
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:
CompiledScript: AutoIt v3 Script: 3, 3, 8, 1
FileVersion: 3, 3, 8, 1
FileDescription: 
Translation: 0x0809 0x04b0

MemScan:Backdoor.Generic.755288 also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Trojan ( 004babbf1 )
DrWeb	BackDoor.Comet.152
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.BlockerRI.S17616033
ALYac	MemScan:Backdoor.Generic.755288
Zillya	Dropper.Generic.Win32.3478
Alibaba	Ransom:VBS/Blocker.b1ff8214
K7GW	Trojan ( 004babbf1 )
Cybereason	malicious.168040
Baidu	Multi.Threats.InArchive
Cyren	W32/FakeDoc.G.gen!Eldorado
Symantec	Trojan Horse
ESET-NOD32	multiple detections
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Trojan.Remcos-9846521-0
Kaspersky	Trojan-Ransom.Win32.Blocker.hrft
BitDefender	MemScan:Backdoor.Generic.755288
NANO-Antivirus	Trojan.Script.Autoit.debvea
SUPERAntiSpyware	Trojan.Agent/Gen-Downloader
MicroWorld-eScan	MemScan:Backdoor.Generic.755288
Tencent	Win32.Trojan.Blocker.Ecac
Ad-Aware	MemScan:Backdoor.Generic.755288
Sophos	Mal/Generic-S
Comodo	Malware@#2cybsqa7u0edu
BitDefenderTheta	AI:Packer.DFD329EB15
VIPRE	Trojan.Win32.Generic.pak!cobra
TrendMicro	Cryp_Embed4
McAfee-GW-Edition	BehavesLike.Win32.Injector.gc
FireEye	MemScan:Backdoor.Generic.755288
Emsisoft	MemScan:Backdoor.Generic.755288 (B)
Jiangmin	Trojan.Script.wpy
Avira	DR/AutoIt.Gen
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	Trojan:Win32/Occamy.C
Arcabit	Backdoor.Generic.DB8658
AegisLab	Trojan.Win32.Genome.linK
GData	MemScan:Backdoor.Generic.755288
AhnLab-V3	Trojan/Win32.Zbot.R103557
McAfee	Artemis!FA0AB9C16804
MAX	malware (ai score=99)
VBA32	Hoax.Blocker
TrendMicro-HouseCall	Cryp_Embed4
Rising	Ransom.Blocker!8.12A (CLOUD)
Yandex	Trojan.GenAsa!N71EllaXIy8
Ikarus	Backdoor.Win32.SuspectCRC
MaxSecure	Trojan.Autoit.AZA
Fortinet	W32/Dropper.PYN!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove MemScan:Backdoor.Generic.755288?

MemScan:Backdoor.Generic.755288 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About “MemScan:Backdoor.Generic.755288” infection