
RiskWare.PortScanner malicious file

Malware Removal

RiskWare.PortScanner is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the RiskWare.PortScanner virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • A file was accessed within the Public folder.
  • Authenticode signature is invalid
  • CAPE detected the shellcode patterns malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify RiskWare.PortScanner?


File Info:

name: 5C7050E14E090C71B337.mlw
path: /opt/CAPEv2/storage/binaries/afa241787fde424249c8b445b1d66f40de8b08bc7bed7bef97c1fec4b069e53b
crc32: 38A71B3A
md5: 5c7050e14e090c71b3373aeb2ee13914
sha1: b64e57d7dd7e8b500ad53800aad4d132a1a1bd36
sha256: afa241787fde424249c8b445b1d66f40de8b08bc7bed7bef97c1fec4b069e53b
sha512: 1868cfbc01a94d095690d69cd09661e88d65359fba589a7cd775db9d0b9784201631fe65e1f84b3e3dab8f7814af22fb5ad4d6773473b67a270fbeb9171d6682
ssdeep: 768:FMnOSTQgJxCCTyyS/py5GT3LYSYNzKolqPB4jrYdTABGWzOBhCHElKa5op+zgfjp:FMOAZWpKgLYqouWYdWhOSklKM0x
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19F53F75A2EE0C473E272427406B35FA2ABFBBE4157318B8B5F147E3D6874611ED1A312
sha3_384: ddec81f7a5398f5fa2d654d8d401989eed4ebb43ac354046a75f20db0059e0e58b3b781b0fce777d51da538e9bca7cec
ep_bytes: 558bec6aff68c0974000681086400064
timestamp: 2000-11-13 03:53:53

Version Info:

Comments:
CompanyName: Foundstone Inc.
FileDescription: SuperScan
FileVersion: 3, 0, 0, 0
InternalName: SuperScan
LegalCopyright: Copyright © 2000 Foundstone
LegalTrademarks:
OriginalFilename: scanner.exe
PrivateBuild:
ProductName: SuperScan
ProductVersion: 3, 0, 0, 0
SpecialBuild:
Translation: 0x0409 0x04b0

RiskWare.PortScanner also known as:

Elastic: malicious (high confidence)
Cylance: unsafe
Symantec: SuperScan
ESET-NOD32: Win32/NetTool.SuperScan.AA potentially unsafe
ClamAV: Win.Trojan.Agent-6240252-0
NANO-Antivirus: Riskware.Win32.NetTool.itomeu
Sophos: SuperScan Port Scanner (PUA)
Google: Detected
Varist: W32/ABTrojan.AFXW-7205
Antiy-AVL: RiskWare[NetTool]/Win32.SuperScan
Kingsoft: Win32.Troj.Undef.a
Xcitium: Malware@#3bwygm3k0l0oh
VBA32: BScope.Adware.Presenoker
Malwarebytes: RiskWare.PortScanner
Rising: Trojan.DL.Win32.Banload.cfz (CLASSIC)
MaxSecure: Trojan.Malware.73376928.susgen
Fortinet: Riskware/NetTool_SuperScan
DeepInstinct: MALICIOUS
alibabacloud: Hacktool:Win/NetTool.SuperScan

How to remove RiskWare.PortScanner?

RiskWare.PortScanner removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
