Trojan.Win32.Shelma.zwo malicious file

Trojan.Win32.Shelma.zwo is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Shelma.zwo virus do?

  • Attempts to connect to a dead IP:Port (1 unique time)
  • Creates RWX memory

How to identify Trojan.Win32.Shelma.zwo?

File Info:

crc32: 7B676A7F
md5: 84a1409a322d1d3b0bb91b6f69fed758
name: 84A1409A322D1D3B0BB91B6F69FED758.mlw
sha1: 3c96ddccb7d8300fc8f483d1381230c8254a1cf3
sha256: 4120ec1ab79b03251e08f2ccca45d20da659d670bad779c4eb759e617425f2ff
sha512: 7ef5854bad87ef62e65474d7066e08882c585f8eedbb251247af709cc03bc0c9456950040987be6b9189cd1d25743d60ddfe382daec5de2a8aebe736de14eae3
ssdeep: 12288:1GWZ21JAw8FRmd1Qa9fwLdQ7zB7PH65qm68lhgf7Xel9VEGYI7W8uR4XJMS:1GWZ4JAnerQAp7Xel92Gx7W8u4JMS
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright © EasyAntiCheat Ltd 2017
InternalName: EasyAntiCheat.exe
FileVersion: 4, 0, 0, 0
CompanyName: EasyAntiCheat Ltd
ProductName: EasyAntiCheat
ProductVersion: 4, 0, 0, 0
FileDescription: EasyAntiCheat Service
OriginalFilename: EasyAntiCheat.exe
Translation: 0x0409 0x04b0

Trojan.Win32.Shelma.zwo is also known as:

Malwarebytes: MachineLearning/Anomalous.95%
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: Trojan.Win32.Shelma.zwo
Tencent: Win32.Trojan.Shelma.Eawv
F-Secure: Heuristic.HEUR/AGEN.1108444
BitDefenderTheta: Gen:NN.ZexaE.34790.Ku0@amMZ7Tdi
FireEye: Generic.mg.84a1409a322d1d3b
Sophos: Mal/Generic-S
Jiangmin: Trojan.Staser.wm
Avira: HEUR/AGEN.1108444
TACHYON: Trojan/W32.Staser.593920.C
Fortinet: W32/Shelma.ZWO!tr
Qihoo-360: Win32/Ransom.DogHousePower.HgIASWgA

How to remove Trojan.Win32.Shelma.zwo?

Trojan.Win32.Shelma.zwo removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
