Trojan.Win32.Scar.tacr removal guide

The Trojan.Win32.Scar.tacr is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Win32.Scar.tacr virus can do?

A process attempted to delay the analysis task.
Attempts to connect to a dead IP:Port (7 unique times)
Drops a binary and executes it
Performs some HTTP requests
Executed a very long command line or script command which may be indicative of chained commands or obfuscation
Uses Windows utilities for basic functionality
Installs itself for autorun at Windows startup
Creates a hidden or system file
Attempts to modify proxy settings
Creates a copy of itself
Uses suspicious command line tools or Windows utilities

Related domains:

yip.su

apps.identrust.com

edgedl.me.gvt1.com

crl.identrust.com

r3.o.lencr.org

x1.c.lencr.org

How to determine Trojan.Win32.Scar.tacr?


File Info:
crc32: 5D3A5AE1
md5: 76738c9fcd5add3590e56f5368df709f
name: 76738C9FCD5ADD3590E56F5368DF709F.mlw
sha1: 392ea104bbf89f339d71d117767bf5daf8aa8110
sha256: 82aacf870cb05aacf4d34793edbe568b48dfe24b0881ea32133fa5e8e3b4f781
sha512: 707733d3bed3764cab16fbc0d45780b324e972cdcbb8d8dea04d63b66c12c2813aa38236500972ccb7daa71459c325229a8fa035f0a9d6c35c52b1cd81f10df7
ssdeep: 24576:RAHnh+eWsN3skA4RV1Hom2KXMmHaAvOF2t5:oh+ZkldoPK8YaAcg
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
InternalName: autoconv.exe
FileVersion: 8.3.5.6
CompanyName: x41ax43bx438x435x43dx442x441x43ax438x435 x444x443x43dx43ax446x438x438 API x433x440x443x43fx43fx43ex432x43ex439 x43fx43ex43bx438x442x438x43ax438
Comments: fAwyMwtIDlpKSPvTleM5tpCggffZ9bF4orDdVfAaxdcPF1PT45TETzvW3F
ProductVersion: 8.3.5.6
FileDescription: Microsoft DirectMusic Wave
OriginalFilename: autoconv.exe
Translation: 0x0809 0x04b0

Trojan.Win32.Scar.tacr also known as:

Lionic	Hacktool.Win32.Gamehack.3!e
Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader35.5785
ALYac	Gen:Trojan.Heur.AutoIT.172u0@auOZaVmi
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Trojan:Win32/ClipBanker.7267fa6d
K7GW	Trojan ( 700000111 )
K7AntiVirus	Trojan ( 700000111 )
Cyren	W32/Trojan.GEMW-3526
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of Win32/ClipBanker.HL
APEX	Malicious
Avast	Win32:Trojan-gen
Cynet	Malicious (score: 100)
Kaspersky	Trojan.Win32.Scar.tacr
BitDefender	Gen:Trojan.Heur.AutoIT.172u0@auOZaVmi
NANO-Antivirus	Trojan.Win32.Scar.iapyfl
MicroWorld-eScan	Gen:Trojan.Heur.AutoIT.172u0@auOZaVmi
Tencent	Win32.Trojan.Scar.Ahol
Ad-Aware	Gen:Trojan.Heur.AutoIT.172u0@auOZaVmi
Sophos	Generic ML PUA (PUA)
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.TrojanAitInject.ch
FireEye	Gen:Trojan.Heur.AutoIT.172u0@auOZaVmi
Emsisoft	Gen:Trojan.Heur.AutoIT.172u0@auOZaVmi (B)
Avira	HEUR/AGEN.1100133
eGambit	Unsafe.AI_Score_95%
Microsoft	Trojan:Win32/Ymacco.AA5F
Arcabit	Trojan.Heur.AutoIT.EDBCB5
GData	Gen:Trojan.Heur.AutoIT.172u0@auOZaVmi
McAfee	Artemis!76738C9FCD5A
MAX	malware (ai score=81)
VBA32	Trojan.Scar
Malwarebytes	Trojan.ClipBanker
Panda	Trj/CI.A
Ikarus	Trojan.Win32.Clipbanker
MaxSecure	Trojan.Malware.12232.susgen
Fortinet	W32/Scar.HL!tr
AVG	Win32:Trojan-gen
Paloalto	generic.ml
Qihoo-360	Win32/Backdoor.Scar.HgIASRMA

How to remove Trojan.Win32.Scar.tacr?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Trojan.Win32.Scar.tacr removal guide