TrojanDownloader:Win32/Banload.AYX removal guide

The TrojanDownloader:Win32/Banload.AYX is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What TrojanDownloader:Win32/Banload.AYX virus can do?

Executable code extraction
Creates RWX memory
A process attempted to delay the analysis task.
Attempts to connect to a dead IP:Port (7 unique times)
Performs some HTTP requests
Unconventionial language used in binary resources: Portuguese (Brazilian)
The binary likely contains encrypted or compressed data.
Anomalous binary characteristics

Related domains:

edaysch.ru

apps.identrust.com

crl.identrust.com

r3.o.lencr.org

How to determine TrojanDownloader:Win32/Banload.AYX?


File Info:
crc32: 5D9EA991
md5: be7233057160d12291392f37a2555e22
name: BE7233057160D12291392F37A2555E22.mlw
sha1: b4b54ae4fc4e3892f2e414dca72e23b90c907e36
sha256: 0eb01bdbeba4d25c584fff77439bca93af2e88628d9940d5d1e7747ff9d4ab4a
sha512: 5ce7e859b1c9564b798387fd3d215206f1dad6892fd3a19036303be92b588c8de210f4e2dd9472f40f480d2ba00bd6036e609e345361258b53b21f5403549328
ssdeep: 12288:pkEEeS7QdHCEagB1ZnsIVffhzVuBP5t0ipjoMPBaBSH:CeVH9rBphz65DbP+M
type: PE32 executable (GUI) Intel 80386, for MS Windows, PECompact2 compressed

Version Info:
0: [No Data]

TrojanDownloader:Win32/Banload.AYX also known as:

Bkav	W32.AIDetectVM.malware1
Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader11.25730
MicroWorld-eScan	Gen:Variant.Zusy.101725
FireEye	Generic.mg.be7233057160d122
McAfee	Artemis!BE7233057160
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Trojan-Downloader ( 004c6df71 )
BitDefender	Gen:Variant.Zusy.101725
K7GW	Trojan-Downloader ( 004c6df71 )
Cybereason	malicious.57160d
BitDefenderTheta	AI:Packer.8AB6380121
Cyren	W32/Delf.FS.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:Malware-gen
Alibaba	TrojanDownloader:Win32/Banload.c7db65a3
NANO-Antivirus	Trojan.Win32.Banload.ddqhsm
AegisLab	Trojan.Win32.Banload.a!c
Tencent	Win32.Trojan-downloader.Banload.Pijq
Ad-Aware	Gen:Variant.Zusy.101725
Emsisoft	Gen:Variant.Zusy.101725 (B)
Comodo	Malware@#n5k0x344u0f
F-Secure	Heuristic.HEUR/AGEN.1112446
Zillya	Downloader.Banload.Win32.58380
TrendMicro	TROJ_BANLOAD.GGTT
McAfee-GW-Edition	GenericR-CPE!DAE242B7EB78
Sophos	Troj/Bancos-BZG
Ikarus	Trojan-Downloader.Win32.Banload
Jiangmin	Trojan/JboxGeneric.gzz
Avira	HEUR/AGEN.1112446
Antiy-AVL	Trojan[Downloader]/Win32.Banload
Kingsoft	Win32.TrojDownloader.Banload.cv.(kcloud)
Microsoft	TrojanDownloader:Win32/Banload.AYX
Arcabit	Trojan.Zusy.D18D5D
ZoneAlarm	Trojan-Downloader.Win32.Banload.cvmc
GData	Gen:Variant.Zusy.101725
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Banload.R119695
VBA32	TrojanDownloader.Banload
ALYac	Gen:Variant.Zusy.101725
MAX	malware (ai score=99)
Malwarebytes	Malware.AI.4059439457
Panda	Trj/Genetic.gen
Zoner	Trojan.Win32.25426
ESET-NOD32	a variant of Win32/TrojanDownloader.Banload.TZM
TrendMicro-HouseCall	TROJ_BANLOAD.GGTT
Rising	Downloader.Banload!8.15B (TFE:5:ead9c7wzaAG)
Yandex	Trojan.DL.Banload!wc+edoafup4
SentinelOne	Static AI – Malicious PE
Fortinet	W32/TrojanDldr.XEAR!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_80% (D)
Qihoo-360	Win32/Trojan.Downloader.4fb

How to remove TrojanDownloader:Win32/Banload.AYX?

TrojanDownloader:Win32/Banload.AYX removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

TrojanDownloader:Win32/Banload.AYX removal guide