How to remove “Trojan.Dorv.A6”?

The Trojan.Dorv.A6 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Dorv.A6 virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Trojan.Dorv.A6?


File Info:
name: 1566A46926A44E20A577.mlw
path: /opt/CAPEv2/storage/binaries/a9af7db43f0f965bf9495102fccc0471fa683f625dfaccd5b829dd599292306b
crc32: 9735B1B0
md5: 1566a46926a44e20a577bb66cc4ea971
sha1: 0b5176ea06cc0eb611521b25401f5fec27700a8d
sha256: a9af7db43f0f965bf9495102fccc0471fa683f625dfaccd5b829dd599292306b
sha512: a01d2d9054d3043184290ad003cb8c7cbef1884ffa8596b8ff247aa2be4db6ff20496265f9651b0eb4cc83a128d4a6cb6a530bd9566ca9b19bbc2776b5350f92
ssdeep: 1536:+/Uow3+Ju2TdkRevpA5+V0XX0Nlu6u8OONNAjR9CjIoXYQx+NoM:Vow3+02NpI0Nl9/NNAjRMjIoXYQx+yM
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1F5939152EE908D3BCD9587F006E18795B23CD533236BEE364B5608643FB47C66A70A63
sha3_384: 7c507c459839b262c314e7281031bc0066d65f828f49b84d7b50356fd095753b0ce68e565f6f43b21fffcc2bfb485ed1
ep_bytes: c605d0f9400001e8bcb50000c605d0f9
timestamp: 1970-01-01 00:00:00

Version Info:
0: [No Data]

Trojan.Dorv.A6 also known as:

Bkav	W32.AIDetect.malware2
ClamAV	Win.Trojan.Llac-9867287-0
FireEye	Generic.mg.1566a46926a44e20
CAT-QuickHeal	Trojan.Dorv.A6
McAfee	GenericRXET-GJ!1566A46926A4
Cylance	Unsafe
Sangfor	Trojan.Win32.Kazy.12855948
Cybereason	malicious.a06cc0
Cyren	W32/Kazy.Y.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
APEX	Malicious
Paloalto	generic.ml
Cynet	Malicious (score: 99)
Kaspersky	HEUR:Trojan.Win32.Generic
NANO-Antivirus	Trojan.Win32.Jorik.bewsjv
Avast	FileRepMalware [Trj]
Tencent	Malware.Win32.Gencirc.10b6ddce
Comodo	TrojWare.Win32.Kazy.KAZ@4x44na
McAfee-GW-Edition	GenericRXET-GJ!1566A46926A4
Sophos	Generic ML PUA (PUA)
Jiangmin	Trojan/Jorik.gdak
Avira	TR/Kazy.128155648
Kingsoft	Win32.Troj.Jorik.aa.(kcloud)
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Trojan/Win32.Jorik.R46769
Acronis	suspicious
VBA32	Trojan.Occamy
Malwarebytes	Malware.AI.2285258342
Rising	Trojan.Generic@AI.100 (RDML:j7rYFpsBoLiPIc5YfZFdvg)
Yandex	Trojan.GenAsa!7V/WDnqEizI
Ikarus	Trojan.Win32.Jorik
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Jorik.AASV!tr
AVG	FileRepMalware [Trj]
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Trojan.Dorv.A6?

Trojan.Dorv.A6 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X