Trojan.MauvaiseRI.S5242914 removal instructions

Many security experts consider Trojan.MauvaiseRI.S5242914 dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.MauvaiseRI.S5242914 virus do?

  • Performs HTTP requests potentially not found in PCAP.
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to identify Trojan.MauvaiseRI.S5242914?


File Info:

name: 8705B9A58B8CAD9DC41B.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-01-09 07:05:18

Version Info:

CompanyName: Changyou.com limited
FileDescription: tConfig
FileVersion: 0.0.5.3
InternalName: tConfig
LegalCopyright: (C) 2008-2012 Changyou.com Limited.All Rights Reserved
OriginalFilename: tConfig.exe
ProductName: tConfig
ProductVersion: 0.0.5.3
Translation: 0x0804 0x04b0

Trojan.MauvaiseRI.S5242914 also known as:

Bkav: W32.AIDetectMalware
DrWeb: BackDoor.IRC.Bot.3929
CAT-QuickHeal: Trojan.MauvaiseRI.S5242914
Cylance: unsafe
Zillya: Adware.OutBrowse.Win32.79318
CrowdStrike: win/grayware_confidence_70% (D)
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
APEX: Malicious
ClamAV: Win.Trojan.Ramnit-6596
McAfee-GW-Edition: BehavesLike.Win32.BadFile.bh
SUPERAntiSpyware: Trojan.Agent/Gen-Mikey
Microsoft: Trojan:Win32/Zpevdo.B
Google: Detected
McAfee: Artemis!8705B9A58B8C
VBA32: BScope.Backdoor.IRC.Bot
Rising: Trojan.Zpevdo!8.F912 (CLOUD)
Yandex: Trojan.GenAsa!N40aTo0GpD0
DeepInstinct: MALICIOUS

How to remove Trojan.MauvaiseRI.S5242914?

Trojan.MauvaiseRI.S5242914 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
