TrojanDropper:Win32/Duon removal instruction

The TrojanDropper:Win32/Duon is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What TrojanDropper:Win32/Duon virus can do?

Authenticode signature is invalid

How to determine TrojanDropper:Win32/Duon?


File Info:
name: 8D680A1B69A2A8918F14.mlw
path: /opt/CAPEv2/storage/binaries/db555b45e6d73602d153363d105552c542e856342e91f8d7c04874c61d016e52
crc32: C1BA949F
md5: 8d680a1b69a2a8918f147e71645b189c
sha1: 4ca6cab8e66140b7054e00c9b591cd98790e6c62
sha256: db555b45e6d73602d153363d105552c542e856342e91f8d7c04874c61d016e52
sha512: 60c3a2726237fbb6c4c9c9a0ea6836c2f0d1c7e46a44cd4609f66b0833e17357323d99a916939da066c8064c9fc80ee166c9c91515ab35d9895e35c2ca6ecf4f
ssdeep: 48:KrNUylPUA1LnWxxVYUiHU8fOx4JjWGPNEC6LdtVtUtakgVjS82xKy5w6E:kNBlPd1LWx+u4JKGK1LdtVSv8oKqE
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T173721E5BB3800532DA9512350936879228B7B6A44E7B8E8F664C038E3F73E51DD37B4B
sha3_384: 0464ab378dde21c675f5367881d1e90e03767dcdd30eb6b305c67f9ba943b328d2776dc3aa91920def4deeb31947b7b8
ep_bytes: 00000000000000000000000000000000
timestamp: 2007-06-14 13:10:00

Version Info:
Translation: 0x0409 0x04b0
ProductName: Decrypter
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Decrypter
OriginalFilename: Decrypter.exe

TrojanDropper:Win32/Duon also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Agent.a!c
Elastic	malicious (high confidence)
FireEye	Generic.mg.8d680a1b69a2a891
McAfee	Artemis!8D680A1B69A2
CrowdStrike	win/malicious_confidence_60% (D)
Cyren	W32/Trojan.WQRC-2227
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
APEX	Malicious
Cynet	Malicious (score: 100)
Avast	Win32:Agent-RZH [Trj]
F-Secure	Trojan.TR/Dropper.Gen
DrWeb	Trojan.DownLoad1.47329
Zillya	Downloader.Agent.Win32.1973
McAfee-GW-Edition	Artemis!Trojan
Trapmine	malicious.moderate.ml.score
Ikarus	Virus.Win32.Agent.RZH
Avira	TR/Dropper.Gen
Xcitium	Packed.UnDoCrypter.~A@1h8sxs
ZoneAlarm	Trojan-Downloader.Win32.Agent.fsc
Microsoft	TrojanDropper:Win32/Duon.gen
Google	Detected
AhnLab-V3	Trojan/Win32.Shark.C140101
Panda	Trj/CI.A
Rising	Trojan.Generic@AI.97 (RDML:7/qCZEtQ2qlKHW09Xfyh3A)
Yandex	Trojan.DL.Agent!7gfHrZCUtJ8
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Agent.FSC!tr.dldr
AVG	Win32:Agent-RZH [Trj]
Cybereason	malicious.8e6614
DeepInstinct	MALICIOUS

How to remove TrojanDropper:Win32/Duon?

TrojanDropper:Win32/Duon removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X