About “Razy.577824” infection

Razy.577824 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Razy.577824 virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Uses Windows utilities for basic functionality
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Installs itself for autorun at Windows startup
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Attempts to modify proxy settings
  • Collects information to fingerprint the system

Related domains:


How to identify Razy.577824?

File Info:

crc32: 24C06199
md5: 82b4b549c372bf311aba49f1cf1fa92e
name: setup_pdf_converter_pro.exe
sha1: 7094ec0c15465a3ae0f08030f914f5fa0b25e76f
sha256: b6d9a2c8f49f28d38d10fb43576eed3471a301bccee22e57eb19dba073700421
sha512: e12d0dde662dbbb5cbae5957adf3683668f5fdf5fec2f321a08cd9a5ec26d3478ea2c5efc837fa246634c45c260a70513c22cdb9c4b5bf2e91419866d52bd6c0
ssdeep: 49152:8a5slUkBfu8MbQcYAvncp9d+kYVKkZlqnLSKhj08:t5sTI81cYcnIn+JQkZlqLxjX
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion: 1.8.9.0
CompanyName: Anvsoft
Comments: This installation was built with Inno Setup.
ProductName: PDFMate PDF Converter Professional
ProductVersion: 1.8.9
FileDescription: PDFMate PDF Converter Professional Setup
Translation: 0x0000 0x04b0

Razy.577824 also known as:

MicroWorld-eScan: Gen:Variant.Razy.577824
McAfee: Artemis!82B4B549C372
Cylance: Unsafe
AegisLab: Trojan.Win32.Agent.l!c
K7AntiVirus: Spyware ( 0052641b1 )
BitDefender: Gen:Variant.Razy.577824
K7GW: Spyware ( 0052641b1 )
Cyren: W32/Trojan.PDEZ-4994
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Spy.Agent.PJB
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan-Spy.Win32.Agent.jwsg
Alibaba: TrojanSpy:Win32/Vigorf.402e3552
NANO-Antivirus: Trojan.Win32.Johnnie.hexxnz
Tencent: Win32.Trojan-spy.Agent.Eanc
Emsisoft: Gen:Variant.Razy.577824 (B)
F-Secure: Heuristic.HEUR/AGEN.1010414
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Fortinet: W32/Generic.AP.11B6D94!tr
FireEye: Gen:Variant.Razy.577824
Sophos: Mal/Generic-S
Webroot: W32.Adware.Gen
Avira: HEUR/AGEN.1042359
MAX: malware (ai score=88)
Antiy-AVL: Trojan/Win32.Occamy
Arcabit: Trojan.Razy.D8D120
ZoneAlarm: Trojan-Spy.Win32.Agent.jwsg
Microsoft: Trojan:Win32/Occamy.C
VBA32: TrojanSpy.Agent
Malwarebytes: Spyware.Agent
Panda: Trj/CI.A
Rising: Spyware.Agent!8.C6 (TFE:5:i5zmHmfKaW)
Ikarus: Trojan-Spy.Agent
GData: Gen:Variant.Razy.577824
AVG: Win32:Trojan-gen
Avast: Win32:Trojan-gen
Qihoo-360: Win32/Trojan.Spy.b0d

How to remove Razy.577824?

Razy.577824 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
