Virus

What is “Virus.Valhalla”?

Malware Removal

The Virus.Valhalla is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What Virus.Valhalla virus can do?

  • Possible date expiration check, exits too soon after checking local time
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to determine Virus.Valhalla?


File Info:

crc32: E133F78B
md5: 44901ace158f7141f615367351a108ce
name: 44901ACE158F7141F615367351A108CE.mlw
sha1: 9fa955af14481adf00d388ed7a03b3a62293aaaa
sha256: 33408a8aef7968168291b1e6fb5544675a1131873a8e007efd010f0cbcfc7ccd
sha512: fc105a7905df91f991baebf4b197ffaff7c5b1152b6d2293de5e9df42c1617775b164c83053ee9867e241b5e0e2e18628c9bb11217dd4a18c0816f62c325b63c
ssdeep: 384:nbBh1wxV64vXI90hvb+aOIN7vnAOgnFWMwWWeWMjUWcZ69S:bkzJB5Som2Z4S
type: PE32 executable (console) Intel 80386, for MS Windows

Version Info:

LegalCopyright: xa9 Microsoft Corporation. All rights reserved.
InternalName: tsdiscon
FileVersion: 5.1.2600.0 (xpclient.010817-1148)
CompanyName: Microsoft Corporation
ProductName: Microsoftxae Windowsxae Operating System
ProductVersion: 5.1.2600.0
FileDescription: Session Disconnection Utility
OriginalFilename: tsdiscon.exe
Translation: 0x0409 0x04b0

Virus.Valhalla also known as:

ClamAVWin.Trojan.Xorala-1
ALYacWin32.Valhalla.2048
CylanceUnsafe
AlibabaVirus:Win32/Xorala.4ed6d29d
AvastWin32:Valhalla
BitDefenderWin32.Valhalla.2048
NANO-AntivirusVirus.Win32.Xorala.cbehdj
MicroWorld-eScanWin32.Valhalla.2048
TencentWin32.Virus.Xorala.Pcsm
Ad-AwareWin32.Valhalla.2048
SophosMal/Generic-S
ComodoVirus.Win32.Xorala.b0@1o8g73
VIPREBackdoor.Agobot (fs)
McAfee-GW-EditionArtemis!Trojan
FireEyeGeneric.mg.44901ace158f7141
EmsisoftWin32.Valhalla.2048 (B)
AviraW32/Xorala.b
MicrosoftTrojan:Win32/Wacatac.B!ml
GDataWin32.Virus.Xorala.A
McAfeeArtemis!44901ACE158F
MAXmalware (ai score=98)
MalwarebytesVirus.Valhalla
YandexWin32.Xorala
IkarusVirus.Win32.Xorala
MaxSecureVirus.W32.Xorala.A
FortinetW32/PossibleThreat
AVGWin32:Valhalla
Paloaltogeneric.ml

How to remove Virus.Valhalla?

Virus.Valhalla removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment