Tedy.56860 (B) removal tips

The Tedy.56860 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Tedy.56860 (B) virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous .NET characteristics
Anomalous binary characteristics

How to determine Tedy.56860 (B)?


File Info:
name: CD039F1A094173B5FBDC.mlw
path: /opt/CAPEv2/storage/binaries/4da8c4240658b91cd80f0e236bbb773f4387d2a24e10df9ea5a0cbfeb7dbfe57
crc32: FF4AAFD2
md5: cd039f1a094173b5fbdc5d2f5a0d433c
sha1: fb971eb99c106af49b4e5c01739eb8b70ee698f3
sha256: 4da8c4240658b91cd80f0e236bbb773f4387d2a24e10df9ea5a0cbfeb7dbfe57
sha512: 73880abfb3a6ec985fc59157a4f5892de858182091255195b193969b070fe7e63641cf5df5f22729dee5bc512d4c03ef22fda5f0ca16ee13ca8c7760590e3379
ssdeep: 192:JaYIEWUBFeC9dWSWC9t9wV492+A38ZwZjs1CtxOiWcLEmorsfiFWTaY:J/jjdWU/GG92+AsZwZjs4WIEmXoWTaY
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1C002E710BBF88519F1FF4F7929F22311427DFAA35A13C35E1885014E5D22B41CEA27B6
sha3_384: 897744f0b1a25e4061efe2e901b6a4f46f5405d4039ac94bbd8f31b21ee8e9e206311a8f81454d8db12df83e0d3e9a01
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2021-12-06 20:57:20

Version Info:
Translation: 0x0000 0x04b0
Comments: Shell Infrastructure Host
FileDescription: Shell Infrastructure Host
FileVersion: 10.0.19041.746
InternalName: szz-watchdog.exe
LegalCopyright: © Microsoft Corporation. All Rights Reserved.
OriginalFilename: szz-watchdog.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.746
Assembly Version: 0.0.0.0

Tedy.56860 (B) also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Tedy.56860
FireEye	Generic.mg.cd039f1a094173b5
ALYac	Gen:Variant.Tedy.56860
Cylance	Unsafe
K7AntiVirus	Trojan ( 0057f9af1 )
Cybereason	malicious.99c106
Cyren	W64/MSIL_Kryptik.EHB.gen!Eldorado
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of Win32/CoinMiner.CGV
Paloalto	generic.ml
Cynet	Malicious (score: 99)
Kaspersky	HEUR:Trojan.MSIL.Convagent.gen
BitDefender	Gen:Variant.Tedy.56860
Avast	Win64:CoinminerX-gen [Trj]
Tencent	Trojan.Win64.BitCoinMiner.16000099
Ad-Aware	Gen:Variant.Tedy.56860
TrendMicro	TROJ_GEN.R002C0WL721
McAfee-GW-Edition	Artemis!Trojan
Emsisoft	Gen:Variant.Tedy.56860 (B)
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.Tedy.56860
Avira	HEUR/AGEN.1143071
MAX	malware (ai score=88)
Gridinsoft	Ransom.Win64.Gen.sa
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
AhnLab-V3	Trojan/Win.Generic.C4751456
McAfee	Artemis!CD039F1A0941
TrendMicro-HouseCall	TROJ_GEN.R002C0WL721
Ikarus	Trojan.Win32.CoinMiner
Fortinet	MSIL/CoinMiner.CGV!tr
AVG	Win64:CoinminerX-gen [Trj]
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Tedy.56860 (B)?

Tedy.56860 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X