About “Trojan.Generic.22891166” infection

Trojan.Generic.22891166 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Generic.22891166 virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Trojan.Generic.22891166?


File Info:

crc32: B392E275
md5: ed5b16c7685c7cd114d1eee24b496de2
name: ED5B16C7685C7CD114D1EEE24B496DE2.mlw
sha1: 9296743d881c433ecb4e38a8dab51ac4a17753c5
sha256: 1a2ca093c450b849466182af522b584457b383e85220588a8a86949d180fb70d
sha512: 91e25e900d3696be1020fe7048355e2e59d787a832aab6d253b326cc139b7762f69e2abb970e07471e12564d4349675246fccedf2170ccbb07263dac8b60767f
ssdeep: 49152:wKiC/rk62xWNol+5gOsLO66qJ6021cJjLtk4pWGNG5VGFPNqJyoTL:xrZ23AbsK6Ro022JjL2WEiVqJZL
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Microsoft Corporation. All rights reserved.
Proc. Architecture: x86
InternalName: SFXCAB.EXE
KB Article Number: 884016
FileVersion: 3.1
Build Date: 2004/12/06
CompanyName: Microsoft Corporation
Installer Engine: update.exe
Applies to: Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows XP, Windows XP Service Pack 1, Windows XP Service Pack 2, Windows 2003
Self-Extractor Version: SFXCAB v6.1.6.0
ProductName: MSI 3.1
Installation Type: Full
Package Type: update
ProductVersion: 3.1
FileDescription: Update Package
Support Link: "http://go.microsoft.com/fwlink/?LinkId=33342"
OriginalFilename: SFXCAB.EXE
Installer Version: 6.1.22.0
Translation: 0x0000 0x04b0

Trojan.Generic.22891166 also known as:

Lionic: Virus.Win32.Generic.n!c
MicroWorld-eScan: Trojan.Generic.22891166
ALYac: Trojan.Generic.22891166
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
Alibaba: Trojan:Win32/Sality.1aeb066d
Cybereason: malicious.7685c7
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Sality [Inf]
BitDefender: Trojan.Generic.22891166
Ad-Aware: Trojan.Generic.22891166
Sophos: ML/PE-A
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: Artemis
FireEye: Generic.mg.ed5b16c7685c7cd1
Emsisoft: Trojan.Generic.22891166 (B)
eGambit: PE.Heur.InvalidSig
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Win32.Virus.Patched.L
McAfee: Artemis!ED5B16C7685C
MAX: malware (ai score=81)
Yandex: Backdoor.Zegost!mJq0oKtvTbc
AVG: Win32:Sality [Inf]

How to remove Trojan.Generic.22891166?

Trojan.Generic.22891166 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
