Win32:GenMalicious-ION [Trj] removal instructions

Win32:GenMalicious-ION [Trj] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32:GenMalicious-ION [Trj] virus do?

  • Expresses interest in specific running processes
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Network activity detected but not expressed in API logs

How to identify Win32:GenMalicious-ION [Trj]?


File Info:

crc32: 1D12A78D
md5: a23c498386e5dbf47fd4c1d5887f7b37
name: A23C498386E5DBF47FD4C1D5887F7B37.mlw
sha1: 8ba464137bf18b2e68dd22d68cf00b9a6d447d50
sha256: 0719dc239a04f911b216b8c3576a1f95c05796092ea6cad77f76944de879ab25
sha512: 421bc79c5ae16e37eb7a1658f8d4f03a8f0430b1f782bca56b74d131b75120ddae748b0596da63ba9d882a8b30d5522c4dd3592a2d1a8621ed19265fb02122a5
ssdeep: 12288:WHat2SC6LWimNYtgXDWnT+t8oRo/g4Pc534s4gEOi:Wu2SC6qiEYtqWT+ioRo/PZQi
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Microsoft Corporation. All rights reserved. 版权所有
FileVersion: 3.1.1.5
CompanyName: Microsoft Corporation. All rights reserved.
Comments: 本程序使用易语言编写(http://www.dywt.com.cn)
ProductName: Microsoft Corporation
ProductVersion: 3.1.1.5
FileDescription: Windows 服务主进程
Translation: 0x0804 0x04b0

Win32:GenMalicious-ION [Trj] also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005246d51 )
Elastic: malicious (high confidence)
DrWeb: Trojan.SpyBot.324
Cynet: Malicious (score: 100)
CAT-QuickHeal: Hacktool.Flystudio.16558
Cylance: Unsafe
Sangfor: Win.Malware.Zusy-6840460-0
CrowdStrike: win/malicious_confidence_90% (W)
K7GW: Trojan ( 005246d51 )
Cybereason: malicious.37bf18
Baidu: Win32.Backdoor.Zegost.a
Cyren: W32/S-1885075c!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX: Malicious
Avast: Win32:GenMalicious-ION [Trj]
ClamAV: Win.Malware.Agen-7172367-0
Kaspersky: UDS:Trojan.Win32.Farfli.gen
BitDefender: Trojan.GenericKD.37214626
MicroWorld-eScan: Trojan.GenericKD.37214626
Tencent: Win32.Backdoor.Zegost.Ljjw
Ad-Aware: Trojan.GenericKD.37214626
Sophos: Generic PUA IL (PUA)
Comodo: Worm.Win32.Dropper.RA@1qraug
BitDefenderTheta: Gen:NN.ZexaF.34790.4q0@auNK!Fab
McAfee-GW-Edition: BehavesLike.Win32.Dropper.dh
FireEye: Generic.mg.a23c498386e5dbf4
Emsisoft: Trojan.GenericKD.37214626 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Yakes.hiu
Avira: BDS/Zegost.blan
Antiy-AVL: Trojan/Generic.ASCommon.FA
Kingsoft: Win32.Heur.KVM005.a.(kcloud)
Microsoft: Trojan:Win32/Emotet!ml
GData: Win32.Trojan.PSE.19Q2126
AhnLab-V3: Trojan/Win.Generic.R430403
Acronis: suspicious
McAfee: Artemis!A23C498386E5
MAX: malware (ai score=87)
VBA32: SScope.Trojan.SvcHorse.01643
Malwarebytes: Trojan.MalPack.FlyStudio
TrendMicro-HouseCall: TROJ_GEN.R002H0CG921
Rising: Trojan.Generic@ML.99 (RDML:iQicCuLgeERfdSY0Ggb0ng)
Yandex: Trojan.GenAsa!4zdNZrIAMfs
Ikarus: PUA.BlackMoon
Fortinet: W32/CoinMiner.65CA!tr
AVG: Win32:GenMalicious-ION [Trj]
Paloalto: generic.ml
Qihoo-360: Win32/Backdoor.Zegost.HwcB3mMA

How to remove Win32:GenMalicious-ION [Trj]?

Win32:GenMalicious-ION [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Apply “Move to quarantine” to all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
