Spyware.Taurus information

The Spyware.Taurus is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Spyware.Taurus virus can do?

Executable code extraction
Creates RWX memory
A process created a hidden window
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Uses Windows utilities for basic functionality
Deletes its original binary from disk
Attempts to repeatedly call a single API many times in order to delay analysis time
Steals private information from local Internet browsers
Collects information about installed applications
Attempts to modify proxy settings
Attempts to access Bitcoin/ALTCoin wallets
Harvests credentials from local FTP client softwares
Harvests information related to installed instant messenger clients
Harvests information related to installed mail clients
Anomalous binary characteristics
Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Spyware.Taurus?


File Info:
crc32: C7E12BA4
md5: 4141eca3c3f8fef9dd9386f5a97d1730
name: file0.exe
sha1: 0dcdf961da9fe9e4b3e1e70895a9e3bea43b8487
sha256: e5d73714c09ee0fe864523ce30b3bd1a77190adedd278861df0a3ba22bea2d9f
sha512: 9653de22a4a22e53e5c76a62dbcdfd1e67c40e61d172b085afd1bdd4e14505e70726a4a452f78865a8e2f0e7cda2589de65cd580749488758b8e39ce733e923a
ssdeep: 12288:qR7dtc1O3OkzOISVUQdnA5320udekj0I1y3dsz2+L/LAYaGDlK:qnu1jdIEHd0udekQrsS+LkYPxK
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Spyware.Taurus also known as:

Bkav	W32.AIDetectVM.malware2
MicroWorld-eScan	Gen:Variant.Razy.668796
BitDefenderTheta	Gen:NN.ZexaF.34108.1yW@aCb4q8ji
McAfee	RDN/Generic PWS.y
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Trojan ( 0056687a1 )
BitDefender	Gen:Variant.Razy.668796
K7GW	Trojan ( 0056687a1 )
Cybereason	malicious.1da9fe
Arcabit	Trojan.Razy.DA347C
TrendMicro	Trojan.Win32.MALREP.THEACBO
Cyren	W32/Trojan.GUAI-7712
APEX	Malicious
Paloalto	generic.ml
Kaspersky	UDS:DangerousObject.Multi.Generic
Alibaba	Trojan:Win32/Kryptik.e2833177
ViRobot	Trojan.Win32.S.Agent.876032.JD
AegisLab	Trojan.Win32.Razy.4!c
Endgame	malicious (high confidence)
Sophos	Mal/Generic-S
Comodo	Malware@#qhqejm2nej15
F-Secure	Trojan.TR/Kryptik.pswtj
DrWeb	Trojan.Carberp.1985
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Generic.ct
Trapmine	malicious.moderate.ml.score
FireEye	Generic.mg.4141eca3c3f8fef9
Emsisoft	Gen:Variant.Razy.668796 (B)
SentinelOne	DFI – Malicious PE
Avira	TR/Kryptik.pswtj
eGambit	Unsafe.AI_Score_99%
Antiy-AVL	Trojan/Win32.Occamy
Microsoft	Trojan:Win32/Occamy.C
ZoneAlarm	UDS:DangerousObject.Multi.Generic
GData	Gen:Variant.Razy.668796
Acronis	suspicious
ALYac	Gen:Variant.Razy.668796
MAX	malware (ai score=100)
VBA32	BScope.TrojanPSW.IBank.1512
Malwarebytes	Spyware.Taurus
ESET-NOD32	a variant of Win32/Kryptik.HDHO
TrendMicro-HouseCall	Trojan.Win32.MALREP.THEACBO
Rising	Trojan.GenKryptik!8.AA55 (CLOUD)
Ikarus	Win32.Outbreak
Fortinet	W32/GenKryptik.EKJE!tr
Ad-Aware	Gen:Variant.Razy.668796
AVG	Win32:Trojan-gen
Avast	Win32:Trojan-gen
CrowdStrike	win/malicious_confidence_90% (W)
Qihoo-360	Generic/HEUR/QVM20.1.2AE5.Malware.Gen

How to remove Spyware.Taurus?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Spyware.Taurus information