Razy.799386 (B) removal guide

Razy.799386 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Razy.799386 (B) virus do?

  • Executable code extraction
  • Creates RWX memory
  • Unconventional binary language: Russian
  • A process attempted to delay the analysis task by a long amount of time.
  • Anomalous binary characteristics

How to identify Razy.799386 (B)?

File Info:

crc32: 28C4F3FA
md5: d19f363288f8e7940a129f3ea5cc6a75
name: D19F363288F8E7940A129F3EA5CC6A75.mlw
sha1: 96d70696b315d238a80b8025b063aa9e1a4fc259
sha256: df1e21af8b2b33e3dcaa7250162a5b7881746eecffc25448546a588eec1be88c
sha512: 2b95397032a296bc452645e64c1daee7bfc63bd9e6279b02126cc81317ddee556b7cde084ef5d2a504afc8ced88cfd997be22bc137481cef38c27bfef306587f
ssdeep: 3072:EMX6AefalE7TAK6cMBSH9gd4QXEGFvbfUGPuq2qS5G5HgByej:E1Aey6AKv2V/FDMGu1vMg
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © gora
InternalName: Button For 7z SFX
FileVersion: Version of file 4.2.4 build 2000 [x86]
CompanyName: Company 'gora-sah'
PrivateBuild: 08.06.2012
LegalTrademarks: Still is not present
Comments: Button For creation and job with 7z SXF archives
ProductName: Button v4.2.4 [x86]
SpecialBuild: For all users
ProductVersion: Version of product 4.2.4 [x86]
FileDescription: 7z SFX archive tool. The last version of 'Button' you can find on http://buttontc.7zsfx.info
OriginalFilename: Button.exe
Translation: 0x0419 0x04b0

Razy.799386 (B) also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Razy.799386
FireEye: Generic.mg.d19f363288f8e794
ALYac: Gen:Variant.Razy.799386
Cylance: Unsafe
Sangfor: Malware
CrowdStrike: win/malicious_confidence_80% (D)
BitDefender: Gen:Variant.Razy.799386
K7GW: Spyware ( 0040f0131 )
K7AntiVirus: Spyware ( 0040f0131 )
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Kaspersky: UDS:DangerousObject.Multi.Generic
Rising: Trojan.Kryptik!8.8 (TFE:2:uVNqqgA4Ji)
Ad-Aware: Gen:Variant.Razy.799386
Emsisoft: Gen:Variant.Razy.799386 (B)
McAfee-GW-Edition: Artemis!Trojan
Sophos: ML/PE-A + Mal/EncPk-APV
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: GrayWare/Win32.Kryptik.ehls
Microsoft: Trojan:Win32/Wacatac.DD!ml
Gridinsoft: Malware.Win32.Pack.40712!se
Arcabit: Trojan.Razy.DC329A
ZoneAlarm: UDS:DangerousObject.Multi.Generic
GData: Gen:Variant.Razy.799386
Cynet: Malicious (score: 100)
McAfee: GenericRXMV-BP!D19F363288F8
MAX: malware (ai score=83)
VBA32: BScope.Backdoor.Qbot
Malwarebytes: Spyware.Zbot.ED
ESET-NOD32: a variant of Win32/Kryptik.HHYG
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Kryptik.HDJM!tr
BitDefenderTheta: Gen:NN.ZedlaF.34670.Kz8@aWRJiCli
Qihoo-360: HEUR/QVM40.1.AF87.Malware.Gen

How to remove Razy.799386 (B)?

Razy.799386 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.