Should I remove "Trojandownloader.Tovkater"?

The Trojandownloader.Tovkater is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojandownloader.Tovkater virus can do?

Reads data out of its own binary image
Drops a binary and executes it
Deletes its original binary from disk
Behavior consistent with a dropper attempting to download the next stage.
Attempts to modify proxy settings
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

trek.foragers.ru

ec2-54-246-229-115.eu-west-1.compute.amazonaws.com

How to determine Trojandownloader.Tovkater?


File Info:
crc32: EC97B6DB
md5: 2ad697376992611395383b39fdb388b9
name: 2AD697376992611395383B39FDB388B9.mlw
sha1: 9e1bfd57f23e9be589e94068621bb54813ab0760
sha256: f8a5b41e1f25c7cb4a09a7722c20e62fc0a8e52fd4a6f88363c66d901672d5da
sha512: c3518b683f081dcc566d55f7b054534b726bc412d95b424d82534d48563ea16a94c659c162eb36f91ae6feb7d55156691da9bbff5948e307f57be2e053e0894e
ssdeep: 6144:ko4U6Q3RLSfy83qGQ/+aHUED6MSSxEVoc0A4h:iQhLQLDQ/+M7DhnlMu
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:
LegalCopyright: ColdCreekProd. All rights reserved.
InternalName: ColdCreekInstaller
FileVersion: 3.1.0.1
CompanyName: ColdCreekProd
Comments: Files installer
ProductName: Free files installer
ProductVersion: 3.1.0.1
FileDescription: Free files installer
Translation: 0x0409 0x04b0

Trojandownloader.Tovkater also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Dropped:Trojan.GenericKD.12473781
FireEye	Generic.mg.2ad6973769926113
CAT-QuickHeal	Trojandownloader.Tovkater
ALYac	Dropped:Trojan.GenericKD.12473781
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Trojan-Downloader ( 00518e881 )
BitDefender	Dropped:Trojan.GenericKD.12473781
K7GW	Trojan-Downloader ( 00518e881 )
Cybereason	malicious.769926
Cyren	W32/Tovkater.S.gen!Eldorado
Symantec	SecurityRisk.Downldr
TrendMicro-HouseCall	TROJ_GEN.R011C0PJC20
Paloalto	generic.ml
ClamAV	Win.Dropper.Tovkater-6651874-0
NANO-Antivirus	Trojan.Win32.Tovkater.etoaeb
Ad-Aware	Dropped:Trojan.GenericKD.12473781
Emsisoft	Application.Downloader (A)
Comodo	Application.Win32.InstallMonster.DX@7e9j3l
F-Secure	Trojan.TR/Tovkater.faqrh
DrWeb	Trojan.InstallMonster.2399
TrendMicro	TROJ_GEN.R011C0PJC20
McAfee-GW-Edition	BehavesLike.Win32.ICLoader.dc
Sophos	ML/PE-A
SentinelOne	Static AI – Malicious PE – Downloader
Avira	HEUR/AGEN.1117983
MAX	malware (ai score=100)
Antiy-AVL	Trojan[Downloader]/Win32.Tovkater
Microsoft	Trojan:Win32/Wacatac.B!ml
Arcabit	Trojan.Generic.DBE55B5
SUPERAntiSpyware	Adware.InstallMonster/Variant
GData	Dropped:Trojan.GenericKD.12473781
Cynet	Malicious (score: 100)
AhnLab-V3	PUP/Win32.BundleInstaller.R209982
Acronis	suspicious
McAfee	Artemis!2AD697376992
VBA32	TrojanDownloader.Tovkater
Malwarebytes	Generic.Trojan.Malicious.DDS
Panda	Trj/Genetic.gen
APEX	Malicious
ESET-NOD32	Win32/TrojanDownloader.Tovkater.EX
Tencent	Win32.Trojan-downloader.Tovkater.Hupy
Yandex	Trojan.DL.Tovkater!KcYoe/d37Tk
Ikarus	Trojan-Downloader.Win32.Tovkater
Fortinet	W32/Tovkater.A!tr.dldr
BitDefenderTheta	Gen:NN.ZexaF.34804.hyW@a4jhNWfi
AVG	Win32:Malware-gen
Avast	Win32:Malware-gen
Qihoo-360	Win32/Trojan.Downloader.1cc

How to remove Trojandownloader.Tovkater?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Should I remove “Trojandownloader.Tovkater”?