What is “Win32/TrojanDownloader.Tiny.NVG”?

The Win32/TrojanDownloader.Tiny.NVG is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/TrojanDownloader.Tiny.NVG virus can do?

Uses Windows utilities for basic functionality
Authenticode signature is invalid
Attempts to modify proxy settings

How to determine Win32/TrojanDownloader.Tiny.NVG?


File Info:
name: F41AAABD1DB0ADC1632A.mlw
path: /opt/CAPEv2/storage/binaries/e57eeb61db5c53e5ebb98f35e1fb3126cbb54e65b085e7aeca2d0b14e2d46d85
crc32: 1FEB7118
md5: f41aaabd1db0adc1632a30ff52a0d38f
sha1: 11a9106adf3d87f68d43aa784fefcec5d138b2d5
sha256: e57eeb61db5c53e5ebb98f35e1fb3126cbb54e65b085e7aeca2d0b14e2d46d85
sha512: 6f378c2e93f16f38d9f14dcc4a16487076f82985d8bae5bdfe76830da14806cf14075ccc87eff6daf8f7fddb57c32b64f667ba62fc51432bd982534301de0bb8
ssdeep: 96:JxLAmDaB6rNifLQ5lXPE9ITrJWu9NRrf:JxLAmDY6rgMjE9IRrf
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T195811EAB3C56A43DC10B49728973C7AA3F33832615806827D750A8F5EFC2E49628C50E
sha3_384: 700886181183c1cdf924a0b090d7c6996d2ed8dc2cb01605580935fecc6de646880e5d9d454ef7d6a6fae751143cc428
ep_bytes: 5589e581ec24000000908d45e850e862
timestamp: 1970-01-01 00:00:00

Version Info:
0: [No Data]

Win32/TrojanDownloader.Tiny.NVG also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Zusy.487569
FireEye	Generic.mg.f41aaabd1db0adc1
VIPRE	Gen:Variant.Zusy.487569
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.adf3d8
Cyren	W32/Downloader-Sml!Eldorado
ESET-NOD32	a variant of Win32/TrojanDownloader.Tiny.NVG
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan-Downloader.Win32.Generic
BitDefender	Trojan.GenericKDZ.102799
Avast	Win32:DropperX-gen [Drp]
McAfee-GW-Edition	New Malware.ca
Trapmine	suspicious.low.ml.score
Emsisoft	Gen:Variant.Zusy.487569 (B)
GData	Win32.Trojan.PSE.JZMXED
Xcitium	TrojWare.Win32.TrojanDownloader.Tiny.~DN@1kngc6
Arcabit	Trojan.Zusy.D77091
ZoneAlarm	HEUR:Trojan-Downloader.Win32.Generic
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Downloader/Win.Tiny.R604294
McAfee	New Malware.ca
MAX	malware (ai score=82)
VBA32	suspected of Trojan.Downloader.gen
Cylance	unsafe
Panda	Trj/Genetic.gen
Rising	Trojan.Generic@AI.91 (RDML:0LPz6kSYcL9QIIbGhhv1sQ)
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/Dloader.SML!tr
AVG	Win32:DropperX-gen [Drp]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (D)

How to remove Win32/TrojanDownloader.Tiny.NVG?

Win32/TrojanDownloader.Tiny.NVG removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X