Trojan:Win32/Meterpreter!pz removal

The Trojan:Win32/Meterpreter!pz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/Meterpreter!pz virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Trojan:Win32/Meterpreter!pz?


File Info:
name: 4E30F8E89E2330B87F27.mlw
path: /opt/CAPEv2/storage/binaries/8c1b52a31fab123704e069051960fdde551a779a62cd1abe20dea1e20111287c
crc32: 7D82CB70
md5: 4e30f8e89e2330b87f27ec823f1d9f87
sha1: c97b0a42080f84602389911c58f1d296af8607c9
sha256: 8c1b52a31fab123704e069051960fdde551a779a62cd1abe20dea1e20111287c
sha512: 56fe24c73ee6d1c59b0ca863cf6fa7edbe0e6a4357af2877b04b0bd149e96e4667cc6341cd0f7642bb6ec98e900b155b6d2f8546877e00be08cea803a601e4c6
ssdeep: 12288:vzNB0JfiwSdYSui8zZH94I3H1v/zHi2CLH3I:LNsfiTdYSuVzZH9tH1v/LGD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17AB46B32A5604133E7F10573B928A6303E7CE328275189BAD7D4AD1D7EA84C66BF7253
sha3_384: a481e00672df5e6199979d858f359d8ed2a952eeb3aeb19186cd2b9179082bbe6cc49df7e24bbecff5a9d6df02c51cc7
ep_bytes: 606831504700ff152ca34400683a5047
timestamp: 2019-09-17 05:33:38

Version Info:
CompanyName: Intel
FileDescription: Intel(R) Graphics Driver Software
FileVersion: 3.11.1.0
InternalName: setup
LegalCopyright: Copyright (c) Intel. All rights reserved.
OriginalFilename: win64_15.45.5174.exe
ProductName: Intel(R) Graphics Driver Software
ProductVersion: 3.11.1.0
Translation: 0x0409 0x04e4

Trojan:Win32/Meterpreter!pz also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
K7AntiVirus	Trojan ( 00116c681 )
K7GW	Trojan ( 00116c681 )
Cybereason	malicious.2080f8
Symantec	Meterpreter
ESET-NOD32	a variant of Win32/Rozena.KC.gen
APEX	Malicious
ClamAV	Win.Trojan.MSShellcode-6360728-0
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Win32.Rozena.B
NANO-Antivirus	Trojan.Win32.Swrort.eratya
ViRobot	Win32.Rozena.A
MicroWorld-eScan	Win32.Rozena.B
Avast	Win32:ShikataGaNai-B [Trj]
Rising	Trojan.Meterpreter!1.AEA1 (CLASSIC)
Emsisoft	Win32.Rozena.B (B)
F-Secure	Trojan.TR/Patched.Gen
DrWeb	Trojan.Swrort.10
VIPRE	Win32.Rozena.B
TrendMicro	HackTool.Win32.Meterpreter.SMA
Sophos	Mal/Swrort-H
GData	Win32.Rozena.B
Google	Detected
Avira	TR/Patched.Gen
Antiy-AVL	Trojan/Win32.Meterpreter.a
Arcabit	Win32.Rozena.B
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Trojan:Win32/Meterpreter!pz
Varist	W32/Rozena.H.gen!Eldorado
AhnLab-V3	Trojan/Win.Generic.C4556687
VBA32	BScope.Trojan.Downloader
ALYac	Win32.Rozena.B
Cylance	unsafe
Fortinet	W32/Generic.AP.23ADC0!tr
BitDefenderTheta	AI:FileInfector.2395B8760E
AVG	Win32:ShikataGaNai-B [Trj]
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Trojan:Win32/Meterpreter!pz?

Trojan:Win32/Meterpreter!pz removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X