Should I remove “Risktool.Flystudio.17515”?

Risktool.Flystudio.17515 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Risktool.Flystudio.17515 virus do?

  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.

Related domains:

z.whorecord.xyz
vip.mljsq.cn
a.tomx.xyz

How to identify Risktool.Flystudio.17515?


File Info:

crc32: 7D499367
md5: 9970e58f5646c5e77fb003c5fcbe8127
name: ml.exe
sha1: 1267f317e25ae1b7ec7e00d6dbc8a1f3615dbc47
sha256: 81e6ebf06cc30cd42955a5f1678d14de87c3ed9988f47bd6c4010a2fd99c7b9a
sha512: b0907a1b55de93717a47605919ba51d3139b69dd0468ef4a23014bb06ea4a4f0a904534c913788ff3933d0437219d5e7566cc31c398251e5097ec335ba75c73e
ssdeep: 49152:tJ/vYm/gVXiPxuylWp+vZj8Ik86utE6VRiclXs+s8KuqGaX0ToIBAUZLYQh:D/v/g9iPsK++BgZutE6VRicNJBAUZLH
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright（C）2010
FileVersion: 2.0.1.91001
Comments: 本程序使用易语言编写(http://www.eyuyan.com)
ProductName: 猫灵加速器
ProductVersion: 2.0.1.91001
FileDescription: 猫灵加速器主程序，网络游戏加速服务。
Translation: 0x0804 0x04b0

Risktool.Flystudio.17515 also known as:

Bkav: W32.AIDetectVM.malware
CAT-QuickHeal: Risktool.Flystudio.17515
McAfee: Artemis!9970E58F5646
Cylance: Unsafe
K7AntiVirus: Trojan ( 005246d51 )
K7GW: Trojan ( 005246d51 )
APEX: Malicious
GData: Win32.Application.PUPStudio.A
Rising: Malware.Heuristic!ET#93% (RDMK:cmRtazqWwqoFK4ElqJBvRoW0mHFc)
Endgame: malicious (high confidence)
Comodo: TrojWare.Win32.Agent.OSCF@5rs7jr
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.Trojan.th
FireEye: Generic.mg.9970e58f5646c5e7
Ikarus: Trojan-PSW.QQpass
Antiy-AVL: GrayWare/Win32.FlyStudio.a
Microsoft: PUA:Win32/CoinMiner
SentinelOne: DFI – Suspicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/QQWare.A!tr

How to remove Risktool.Flystudio.17515?

Risktool.Flystudio.17515 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.