Should I remove “Trojan.GenericRI.S30115043”?

The Trojan.GenericRI.S30115043 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.GenericRI.S30115043 virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Trojan.GenericRI.S30115043?


File Info:
name: 6AA4CB3B9081B0566EED.mlw
path: /opt/CAPEv2/storage/binaries/dff59641e5d88d7447de0b87287c795362e608addb5b9aeb9ea1c9c0e848c44e
crc32: 2FED569B
md5: 6aa4cb3b9081b0566eedf6d79523bb99
sha1: 34ca488e73492f9f21f8258c381bec756bd8e1ca
sha256: dff59641e5d88d7447de0b87287c795362e608addb5b9aeb9ea1c9c0e848c44e
sha512: 1368e3793e89579ce94737376419f42f96074219fa1b660b60e6497100917dcaa8fc60d0625b1e7009b179420f34175b3f767f4dff32229d321b31ec51284cb6
ssdeep: 192:W1c2hLi+wf1pMVSQB4Q0P+NZoJJREqqPDLJY:2cGLi+wf1kSK4PP+NeVP
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T14432298B9F5A0262F76008B47BBB52590A3EBDC3339622E7EFB278401B756D2C4514D7
sha3_384: 064ea83013ece6e92abac171abbaa560194e32ca7f969b9985b3d9958bd97c8e0e3b1940fe95bd8ae0d04aae07abbefb
ep_bytes: e880040000e99ffdffff8bff558bcc81
timestamp: 2012-10-29 15:49:48

Version Info:
0: [No Data]

Trojan.GenericRI.S30115043 also known as:

MicroWorld-eScan	Gen:Variant.Zusy.451781
FireEye	Gen:Variant.Zusy.451781
CAT-QuickHeal	Trojan.GenericRI.S30115043
ALYac	Gen:Variant.Zusy.451781
Malwarebytes	Malware.AI.3654172958
Cyren	W32/Blocker.L.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Small.NYG
Kaspersky	Trojan-Ransom.Win32.Blocker.gnve
BitDefender	Gen:Variant.Zusy.451781
Avast	Win32:RansomX-gen [Ransom]
Tencent	Trojan-Ransom.Win32.Blocker.ko
DrWeb	Trojan.MulDrop21.58295
VIPRE	Gen:Variant.Zusy.451781
McAfee-GW-Edition	GenericRXVO-KU!6AA4CB3B9081
Emsisoft	Gen:Variant.Zusy.451781 (B)
GData	Gen:Variant.Zusy.451781
Jiangmin	Trojan.Blocker.uxa
MAX	malware (ai score=84)
Arcabit	Trojan.Zusy.D6E4C5
ZoneAlarm	Trojan-Ransom.Win32.Blocker.gnve
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Trojan/Win.Blocker.R560620
TACHYON	Ransom/W32.Blocker.11264
Panda	Trj/Genetic.gen
Rising	Ransom.Blocker!8.12A (TFE:5:oSUc7RfbUHO)
Ikarus	Trojan.Win32.Small
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Wacatac.B!tr
BitDefenderTheta	Gen:NN.ZexaF.36164.ayW@a0O5E3ji
AVG	Win32:RansomX-gen [Ransom]

How to remove Trojan.GenericRI.S30115043?

Trojan.GenericRI.S30115043 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X