
Trojan.ConvagentPMF.S31119695 removal tips


Trojan.ConvagentPMF.S31119695 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.ConvagentPMF.S31119695 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.ConvagentPMF.S31119695?


File Info:

name: 90F618A7DB45302D55EF.mlw
path: /opt/CAPEv2/storage/binaries/99a0cad101a59e72296dc8d3511c291565cc5a2a1868259631e0feba502a846f
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-12-11 02:15:28

Version Info:

CompanyName: Oracle Corporation
FileDescription: Java(TM) Web Start Launcher
FileVersion: 11.241.2.07
Full Version: 11.241.2.07
InternalName: Java(TM) Web Start Launcher
LegalCopyright: Copyright © 2019
OriginalFilename: javaws.exe
ProductName: Java(TM) Platform SE 8 U241
ProductVersion: 8.0.2410.7
Translation: 0x0000 0x04b0

Trojan.ConvagentPMF.S31119695 also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
DrWeb: Win32.Beetle.3
MicroWorld-eScan: Gen:Variant.Mint.Zard.5
FireEye: Generic.mg.90f618a7db45302d
CAT-QuickHeal: Trojan.ConvagentPMF.S31119695
Skyhigh: BehavesLike.Win32.Generic.hc
McAfee: Artemis!90F618A7DB45
Zillya: Trojan.Patched.Win32.161674
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005ab4bf1 )
Alibaba: Trojan:Win32/Senoval.9fa52351
K7GW: Trojan ( 005ab4bf1 )
BitDefenderTheta: Gen:NN.ZexaF.36804.Ju0@ayQmnsli
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Patched.NKM
APEX: Malicious
Avast: Win32:Patched-AWW [Trj]
Kaspersky: Virus.Win32.Senoval.a
BitDefender: Gen:Variant.Mint.Zard.5
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Tencent: Trojan.Win32.Pathced_ya.16001052
Sophos: W32/Patched-CD
F-Secure: Trojan.TR/Patched.Gen
VIPRE: Gen:Variant.Mint.Zard.5
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Mint.Zard.5 (B)
Paloalto: generic.ml
MAX: malware (ai score=81)
Google: Detected
Avira: TR/Patched.Gen
Varist: W32/S-93a6f056!Eldorado
Antiy-AVL: Trojan/Win32.Patched
Microsoft: Trojan:Win32/Convagent.AJ!MTB
Arcabit: Trojan.Mint.Zard.5
ZoneAlarm: Virus.Win32.Senoval.a
GData: Gen:Variant.Mint.Zard.5
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Generic.R603531
VBA32: BScope.Trojan.Meterpreter
ALYac: Gen:Variant.Mint.Zard.5
Cylance: unsafe
Rising: Trojan.Generic@AI.100 (RDML:iCvnM3ddiSr6Oc/NPYAO9A)
Ikarus: Trojan.Win32.Patched
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Patched.IP!tr
AVG: Win32:Patched-AWW [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Virus:Win/Patched.NHO

How to remove Trojan.ConvagentPMF.S31119695?

Trojan.ConvagentPMF.S31119695 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
