Win32:Atraps-PZ [Trj] removal instruction

The Win32:Atraps-PZ [Trj] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32:Atraps-PZ [Trj] virus can do?

Sample contains Overlay data
Authenticode signature is invalid

How to determine Win32:Atraps-PZ [Trj]?


File Info:
name: 839D19FC8A057AB91D0E.mlw
path: /opt/CAPEv2/storage/binaries/5547ad29cd60a781d7f3fc0103d8d0df11b21e8d5cb4df4ef80f934803b9753b
crc32: 52F77895
md5: 839d19fc8a057ab91d0e74845679ac42
sha1: a5d98459bd77bf110314713e445e4d73cbb00c8b
sha256: 5547ad29cd60a781d7f3fc0103d8d0df11b21e8d5cb4df4ef80f934803b9753b
sha512: d25dbd67c1f740d83e3013031332c5393b98949cd73c604f529418c621aa0ac41f03f5cbcd8cd9ec65dbc696b8f8b1a456b262cddea04bd412bd6cd532ab54ce
ssdeep: 24:e1GSYTe3Cee/0I/kPVCRVtc44MnXz+iM2u8kypgyXwVQwA3H4tROjM5KX9Z:SWkO0IoyTnXz+ihZjokIyZ
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T15471B53BB7B82D67D0649B332AB760DB39BE4750139C0A4E8950231B1016123DCB9F96
sha3_384: a10c76a7b53650c5319aaa8c61cc57d24829aafc396fe1b2f1d291d796adcfba7e19caa44e7b14df5c045546fdb672ad
ep_bytes: 558bec538b5d08568b750c578b7d1085
timestamp: 2013-04-07 20:00:59

Version Info:
0: [No Data]

Win32:Atraps-PZ [Trj] also known as:

Bkav	W32.FamVT.DebrisB.Worm
AVG	Win32:Atraps-PZ [Trj]
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Barys.431082
FireEye	Generic.mg.839d19fc8a057ab9
CAT-QuickHeal	Trojan.Agent.WL
Skyhigh	BehavesLike.Win32.Downloader.zz
McAfee	Downloader-FKP!839D19FC8A05
Malwarebytes	Worm.Gamarue
Zillya	Worm.Bundpil.Win32.1334
Sangfor	Suspicious.Win32.Save.ins
K7AntiVirus	EmailWorm ( 0040f50c1 )
K7GW	EmailWorm ( 0040f50c1 )
CrowdStrike	win/malicious_confidence_100% (D)
BitDefenderTheta	Gen:NN.ZedlaF.36802.aq5@aejr6Qm
VirIT	Trojan.Win32.Small.FAU
Symantec	Trojan.Dropper
ESET-NOD32	Win32/Bundpil.T
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Adware.Downware-246
Kaspersky	Worm.Win32.Debris.b
BitDefender	Gen:Variant.Barys.431082
NANO-Antivirus	Trojan.Win32.Drop.bqqvjw
SUPERAntiSpyware	Trojan.Agent/Gen-Downloader
Avast	Win32:Atraps-PZ [Trj]
Tencent	Trojan.Win32.Csyr.A
Sophos	W32/Gamarue-BM
Baidu	Win32.Worm.Bundpil.ah
F-Secure	Trojan.TR/Downloader.Gen
DrWeb	Trojan.MulDrop4.25343
VIPRE	Gen:Variant.Barys.431082
TrendMicro	WORM_GAMARUE.SMB
Trapmine	suspicious.low.ml.score
Emsisoft	Gen:Variant.Barys.431082 (B)
Ikarus	Worm.Debris
Jiangmin	Worm/Generic.aftt
Varist	W32/Csyr.A!Eldorado
Avira	TR/Downloader.Gen
Antiy-AVL	Trojan/Win32.Csyr
Kingsoft	malware.kb.a.876
Microsoft	Worm:Win32/Gamarue.DK!MTB
Xcitium	Worm.Win32.Bundpil.T@4wizl6
Arcabit	Trojan.Barys.D693EA
ZoneAlarm	Worm.Win32.Debris.b
GData	Win32.Trojan.PSE.1Y5UO7M
Google	Detected
AhnLab-V3	Worm/Win32.Bundpil.R63957
VBA32	Worm.Gamarue
ALYac	Gen:Variant.Barys.431082
MAX	malware (ai score=88)
Cylance	unsafe
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	WORM_GAMARUE.SMB
Rising	Worm.Bundpil!1.E3E2 (CLASSIC)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Generic!worm
DeepInstinct	MALICIOUS
alibabacloud	Worm:Win/Gamarue.28f0ce19

How to remove Win32:Atraps-PZ [Trj]?

Win32:Atraps-PZ [Trj] removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X