
RiskWare.AngryScanner removal guide

RiskWare.AngryScanner is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the RiskWare.AngryScanner virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Possible date expiration check, exits too soon after checking local time
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics

How to identify RiskWare.AngryScanner?


File Info:

name: 94D6B6A018B2B0DFA8AE.mlw
path: /opt/CAPEv2/storage/binaries/093f7f629dc57456cffd6db37596f5a82a0c054a2e50eb0c592f9b99054ac592
crc32: CF91E385
md5: 94d6b6a018b2b0dfa8aeddfe7ca309d3
sha1: 90ade37c2cb34ce07385f994334143428de8c785
sha256: 093f7f629dc57456cffd6db37596f5a82a0c054a2e50eb0c592f9b99054ac592
sha512: bc2abb4e05494b4f425a991846c9e4af07b88239d674a15d778801bdff76b850ddb2c0d5fa69dfa9343fa05890242d068ba2af05b5fcff97cd2b853aedaf3b01
ssdeep: 6144:EDKW1Lgbdl0TBBvjc/B8wG3vjLZbvijc92Zhe8Q:Sh1Lk70TnvjcJ8R3LtOZZpQ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19F44BE207280C1B2D4B7213044D6CA75AB7978624B66A5D7B6ED3B7B6F313D0A3362CD
sha3_384: d9de901e676c54baae3091a946a91036168f7c274fa661ce7a83beaf678090d6f2984cb99f752ab356653625ed8f31a4
ep_bytes: e8e15c0000e9a4feffff8bff558bec83
timestamp: 2012-07-13 22:47:16

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: AngryScanner
FileVersion: 1.0.0.0
InternalName: AngryScanner.exe
LegalCopyright: Copyright © 2020
LegalTrademarks:
OriginalFilename: AngryScanner.exe
ProductName: AngryScanner
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

RiskWare.AngryScanner also known as:

Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.43448023
FireEye Generic.mg.94d6b6a018b2b0df
ALYac Trojan.GenericKD.43448023
Cylance Unsafe
Sangfor Trojan.Win32.Ashify.J
K7AntiVirus Riskware ( 0040eff71 )
Alibaba Trojan:Win32/Ashify.c5055758
K7GW Riskware ( 0040eff71 )
Cybereason malicious.018b2b
BitDefenderTheta Gen:NN.ZexaF.34212.qq0@aWNqcYc
Cyren W32/Trojan.DAN.gen!Eldorado
Symantec ML.Attribute.HighConfidence
TrendMicro-HouseCall TROJ_GEN.R002C0DLJ21
Paloalto generic.ml
ClamAV Win.Dropper.Sodinokibi-9862317-0
Kaspersky VHO:Trojan-Downloader.Win32.Convagent.gen
BitDefender Trojan.GenericKD.43448023
Rising Downloader.Convagent!8.123D1 (CLOUD)
Ad-Aware Trojan.GenericKD.43448023
VIPRE Trojan.Win32.Generic!BT
TrendMicro TROJ_GEN.R002C0DLJ21
McAfee-GW-Edition BehavesLike.Win32.Generic.dc
Emsisoft Trojan.GenericKD.43448023 (B)
SentinelOne Static AI – Malicious PE
GData Win32.Trojan.Sabsik.B
Avira HEUR/AGEN.1235861
MAX malware (ai score=87)
Arcabit Trojan.Generic.D296F6D7
ZoneAlarm VHO:Trojan-Downloader.Win32.Convagent.gen
Microsoft Trojan:Win32/Ashify.J!rfn
Cynet Malicious (score: 100)
Acronis suspicious
McAfee Artemis!94D6B6A018B2
VBA32 TrojanDownloader.Convagent
Malwarebytes RiskWare.AngryScanner
APEX Malicious
Ikarus Trojan.MSIL.Spy
MaxSecure Trojan.Malware.87187686.susgen
CrowdStrike win/malicious_confidence_60% (D)

How to remove RiskWare.AngryScanner?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
