Trojan-Ransom.Win32.Gen.xtv removal guide

Trojan-Ransom.Win32.Gen.xtv is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What Trojan-Ransom.Win32.Gen.xtv virus can do?

  • A file was accessed within the Public folder
  • Sample contains overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Checks for the presence of known devices from debuggers and forensic tools
  • Touches a file containing cookies, possibly for information gathering

How to identify Trojan-Ransom.Win32.Gen.xtv?

File Info:

name: E0B1B27017B994919514.mlw
path: /opt/CAPEv2/storage/binaries/b97d9e0ebf210ea160e8a2a798bdbd289266bcb3d101fc562c8bd72f74f9392b
crc32: 18E57D46
md5: e0b1b27017b994919514732f19c283e5
sha1: fb95d9d5cdb7720b56624f48854ac6062b63ba04
sha256: b97d9e0ebf210ea160e8a2a798bdbd289266bcb3d101fc562c8bd72f74f9392b
sha512: 4d57f34d4a4baeef56d41f6bdfc96707b5925844a6284448c08ea7894a6ed088e69dbe64eb279f571e152e87cb361931667f5a663d47616f179235c5c0a01b52
ssdeep: 3072:WPQpbKAIiuB+ZLtHC5q/nsLkce2gpoZskMX2jGCPGd2R8nbfOC2ZIMN:WPhImEUgek2jGCeACfOC2z
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T116E37D53F2D288B1D0761A3C9C16A658A82FFE607D3C356A6ADC4D0D5E3E2C1296D3D3
sha3_384: 7642ade1dc65309212041edc211452924907e87489281e8a8c23735e0624a699dd3a5a66d46bd08f39688cc52bef6e10
ep_bytes: 558becb9090000006a006a004975f951
timestamp: 1992-06-19 22:22:17

Version Info:

CompanyName:
FileDescription:
FileVersion: 1. 1. 1. 1
InternalName:
LegalCopyright:
LegalTrademarks:
OriginalFilename:
ProductName:
ProductVersion: 0.0.0.0
Comments:
Translation: 0x0409 0x04e4

Trojan-Ransom.Win32.Gen.xtv also known as:

  • Bkav: W32.AIDetectMalware
  • Lionic: Trojan.Win32.Gen.j!c
  • K7AntiVirus: Riskware ( 0040eff71 )
  • Alibaba: Ransom:Win32/Generic.d4662771
  • K7GW: Riskware ( 0040eff71 )
  • CrowdStrike: win/grayware_confidence_70% (D)
  • VirIT: Trojan.Win32.Generic.BHXJ
  • Cynet: Malicious (score: 100)
  • Kaspersky: Trojan-Ransom.Win32.Gen.xtv
  • SUPERAntiSpyware: Trojan.Agent/Gen-TaskX
  • Trapmine: malicious.high.ml.score
  • Jiangmin: Trojan.Gen.bup
  • Kingsoft: malware.kb.a.703
  • ZoneAlarm: Trojan-Ransom.Win32.Gen.xtv
  • Panda: Trj/RansomGen.A
  • MaxSecure: Trojan.Malware.73774235.susgen
  • Cybereason: malicious.5cdb77
  • DeepInstinct: MALICIOUS

How to remove Trojan-Ransom.Win32.Gen.xtv?

Trojan-Ransom.Win32.Gen.xtv removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.