Razy.158303 removal tips

The Razy.158303 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Razy.158303 virus can do?

Executable code extraction
Injection (inter-process)
Injection (Process Hollowing)
Creates RWX memory
A process attempted to delay the analysis task.
A process created a hidden window
Executed a process and injected code into it, probably while unpacking
Exhibits behavior characteristic of Nymaim malware
Checks the version of Bios, possibly for anti-virtualization
Zeus P2P (Banking Trojan)
Collects information to fingerprint the system
Anomalous binary characteristics

Related domains:

haqgcyzzrhyr.com

zbbmvgh.pw

ytlbpbx.pw

bwaxqcmrtt.com

pxnwtuxo.in

iwfbmdvftib.in

zzliuvhql.pw

opocob.pw

lcbijis.com

ngsqymfv.com

aaslu.pw

tjrcewdd.net

jwhjluugqzga.net

fsduv.net

kojntkaldbiv.com

How to determine Razy.158303?


File Info:
crc32: 19708ADA
md5: 8116c26cb424e0566749ebf2c0fccf2d
name: 8116C26CB424E0566749EBF2C0FCCF2D.mlw
sha1: cf171706b94aff7b2029f156ccfdc400226a9826
sha256: f8a111c284f505ed9d761dac64d12cbbeee13ece5afa43eb5ca2e886caf61eb0
sha512: 4d0149a88fb8f3089c36230527b180d9203a6a36ae69299341879421d8ea7b5a2ed475915ece784aa779d39c20c99d7351c426176822f936657e57adf5bdd8c3
ssdeep: 12288:VCwJ0lOzH+Z0ZyhZQT/WiwCKDV0V1Z3Dzq:YwQZxhZQT/WiJi6V1Z3Dz
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Razy.158303 also known as:

Bkav	W32.AIDetectVM.malware2
Elastic	malicious (high confidence)
DrWeb	Trojan.Nymaim.143
MicroWorld-eScan	Gen:Variant.Razy.158303
FireEye	Generic.mg.8116c26cb424e056
ALYac	Gen:Variant.Razy.158303
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Trojan-Downloader ( 004d4b861 )
BitDefender	Gen:Variant.Razy.158303
K7GW	Trojan-Downloader ( 004d4b861 )
Cybereason	malicious.cb424e
BitDefenderTheta	Gen:NN.ZexaF.34804.QqW@aOt0@yai
Cyren	W32/Trojan.INKC-3806
Symantec	Packed.Generic.546
TrendMicro-HouseCall	TROJ_NYMAIM.SMR2
Avast	Win32:Rootkit-gen [Rtk]
Kaspersky	HEUR:Trojan.Win32.Generic
NANO-Antivirus	Trojan.Win32.Nymaim.enskzb
AegisLab	Trojan.Win32.Generic.4!c
Tencent	Malware.Win32.Gencirc.10bb85a6
Ad-Aware	Gen:Variant.Razy.158303
Emsisoft	Gen:Variant.Razy.158303 (B)
Comodo	Malware@#5k14tks5oxin
F-Secure	Heuristic.HEUR/AGEN.1117617
Zillya	Trojan.Nymaim.Win32.1815
TrendMicro	TROJ_NYMAIM.SMR2
McAfee-GW-Edition	BehavesLike.Win32.Generic.jm
Sophos	Mal/Generic-S
Ikarus	Trojan-Downloader.Win32.Nymaim
Jiangmin	Trojan.Nymaim.bza
eGambit	Unsafe.AI_Score_97%
Avira	HEUR/AGEN.1117617
MAX	malware (ai score=85)
Antiy-AVL	Trojan/Win32.Nymaim
Microsoft	Trojan:Win32/Azorult!ml
Arcabit	Trojan.Razy.D26A5F
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Gen:Variant.Razy.158303
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win32.Generic.C1900964
Acronis	suspicious
McAfee	Trojan-FLPA!8116C26CB424
VBA32	Trojan.Regsup
Malwarebytes	Trojan.Nymaim.Generic
Panda	Trj/GdSda.A
APEX	Malicious
ESET-NOD32	Win32/TrojanDownloader.Nymaim.BA
Rising	Downloader.Silcon!8.2D0A (RDMK:cmRtazrcEw6927SUCUBhPVWIoHX6)
Yandex	Trojan.Nymaim!AtN3N0YKsto
SentinelOne	Static AI – Malicious PE – Downloader
Fortinet	W32/Nymaim.354F!tr
AVG	Win32:Rootkit-gen [Rtk]
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_100% (D)
Qihoo-360	HEUR/QVM20.1.0FE2.Malware.Gen

How to remove Razy.158303?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.