Ransom • Trojan

Trojan.Ransom.TroldeshKD.12149136 removal guide

The Trojan.Ransom.TroldeshKD.12149136 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Ransom.TroldeshKD.12149136 virus can do?

The binary likely contains encrypted or compressed data.
Anomalous binary characteristics

How to determine Trojan.Ransom.TroldeshKD.12149136?


File Info:
crc32: 2B33802E
md5: c384cbf55568218beea43c50103d2a50
name: C384CBF55568218BEEA43C50103D2A50.mlw
sha1: 705fd11684f740e4bc44972d81693d54d5cf7aa7
sha256: 0152b300096b9e49312cc2003a39b4656b4f3a8a5361a7e711286c7586af9680
sha512: 71dc82be99e0677da0e2420919be6926d42b1d5f5e0531d89d01df31b9ba833cd609dcccfbd70b808e172e3917b59aae8e328faa9cf0d2e4df44e7c83ab5d978
ssdeep: 12288:ctfX1vcQn6qcYU4DRHuo7aKT+sLtwhB0FXXPazQROOtuAjjJmjRRahME:qdvcQeARHqeLC0XC7Otn0jRRahME
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: ANTSpec Software
FileVersion: 7.8.0.531
CompanyName: ANTSpec Software
ProductName: USB Flash Drive Information Extractor
ProductVersion: 7.8.0.531
FileDescription: Tool to get USB flash drive information.
OriginalFilename: 
Translation: 0x1009 0x04e4

Trojan.Ransom.TroldeshKD.12149136 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Riskware ( 0040eff71 )
Elastic	malicious (high confidence)
DrWeb	Trojan.Siggen7.27127
Cynet	Malicious (score: 100)
ALYac	Trojan.Ransom.MBRlock
Cylance	Unsafe
Zillya	Trojan.Foreign.Win32.56758
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Ransom:Win32/Foreign.bb21a4c9
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.555682
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Generik.CADQJLL
Avast	Win32:Malware-gen
Kaspersky	Trojan-Ransom.Win32.Foreign.naew
BitDefender	Trojan.Ransom.TroldeshKD.12149136
NANO-Antivirus	Trojan.Win32.GenericKD.erwyim
MicroWorld-eScan	Trojan.Ransom.TroldeshKD.12149136
Tencent	Malware.Win32.Gencirc.11497339
Ad-Aware	Trojan.Ransom.TroldeshKD.12149136
Sophos	Mal/Generic-S
Comodo	Malware@#1f1pwuufjnpke
BitDefenderTheta	Gen:NN.ZexaF.34608.Rq1@aCX5Fxbi
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	HT_CRYPFOREIGN_GI0703CB.UVPM
McAfee-GW-Edition	BehavesLike.Win32.Sality.jc
FireEye	Generic.mg.c384cbf55568218b
Emsisoft	Trojan.Ransom.TroldeshKD.12149136 (B)
SentinelOne	Static AI – Malicious PE
Webroot	W32.Trojan.GenKD
Avira	HEUR/AGEN.1113246
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	Trojan:Win32/Skeeyah.A!rfn
Arcabit	Trojan.Ransom.TroldeshKD.DB96190
AegisLab	Trojan.Win32.Foreign.j!c
GData	Trojan.Ransom.TroldeshKD.12149136
Acronis	suspicious
McAfee	Flyagent.d
MAX	malware (ai score=100)
VBA32	TrojanRansom.Foreign
Panda	Trj/CI.A
TrendMicro-HouseCall	HT_CRYPFOREIGN_GI0703CB.UVPM
Rising	Ransom.MBRlock!1.B6DC (CLOUD)
Yandex	Trojan.GenAsa!SCU8S/kt13M
Ikarus	Trojan.SuspectCRC
Fortinet	Flyagent!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
Qihoo-360	Win32/Trojan.Foreign.HxIBwhsA

How to remove Trojan.Ransom.TroldeshKD.12149136?

Trojan.Ransom.TroldeshKD.12149136 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X