Trojan.Generic.6905859 removal guide

Trojan.Generic.6905859 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Generic.6905859 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • A process created a hidden window
  • Attempts to modify Internet Explorer’s start page
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Steals private information from local Internet browsers
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan.Generic.6905859?


File Info:

name: E702E25A1D959DF053AA.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2009-02-07 06:33:08

Version Info:

CompanyName: AsRock
FileVersion: 1,0,0,0
ProductVersion: 1,0,0,0
Translation: 0x0000 0x04e4

Trojan.Generic.6905859 also known as:

Lionic: Trojan.Win32.Generic.4!c
DrWeb: Trojan.StartPage.36122
MicroWorld-eScan: Trojan.Generic.6905859
FireEye: Trojan.Generic.6905859
ALYac: Trojan.Generic.6905859
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Generic.6905859
Alibaba: Trojan:Win32/StartPage.a68642ca
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: ML.Attribute.HighConfidence
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.StartPage
BitDefender: Trojan.Generic.6905859
NANO-Antivirus: Trojan.Win32.StartPage.cpjbt
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Startpage.Ahxq
Ad-Aware: Trojan.Generic.6905859
Emsisoft: Trojan.Generic.6905859 (B)
Comodo: Malware@#2d9jcbvtqw7yt
Zillya: Backdoor.Rozena.Win32.2241
McAfee-GW-Edition: GenericTRA-ES!E702E25A1D95
Sophos: Mal/Generic-S + Mal/Generic-L
SentinelOne: Static AI – Suspicious PE
GData: Trojan.Generic.6905859
Jiangmin: Trojan.Generic.jole
Webroot: W32.Malware.Gen
Avira: TR/StartPage.sur
MAX: malware (ai score=99)
Kingsoft: Win32.Malware.Heur_Generic.B.(kcloud)
ZoneAlarm: UDS:Trojan.Win32.Generic
Microsoft: PWS:Win32/Zbot!ml
Cynet: Malicious (score: 99)
McAfee: GenericTRA-ES!E702E25A1D95
VBA32: Trojan.StartPage
Rising: Trojan.Generic!8.C3 (CLOUD)
Yandex: Trojan.Agent!gb/zsVd7eaE
Ikarus: Trojan.StartPage
MaxSecure: Trojan.Malware.7164915.susgen
Fortinet: W32/Tra.A!tr
AVG: Win32:Malware-gen
Panda: Trj/Agent.CTG

How to remove Trojan.Generic.6905859?

Trojan.Generic.6905859 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
