Win32:Pixoliz-AC [Trj] removal

Many security experts consider Win32:Pixoliz-AC [Trj] dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32:Pixoliz-AC [Trj] virus do?

  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Deletes executed files from disk
  • Anomalous binary characteristics

How to identify Win32:Pixoliz-AC [Trj]?

File Info:

name: 78592B9013BA14FCB3D5.mlw
path: /opt/CAPEv2/storage/binaries/1cdfe186d9a05f411bc325af2d6cdb951abcbd991da38a591188ef22f80c71a8
crc32: C0E4F1D8
md5: 78592b9013ba14fcb3d551eeffabb5f6
sha1: 475fcc16eab0236ecb5df75888182cf369be8e16
sha256: 1cdfe186d9a05f411bc325af2d6cdb951abcbd991da38a591188ef22f80c71a8
sha512: 83ec9a031da36a82ec23abcc47906f7d1ab062eae0e334834f2d85d55771ae11d6e57df09e4c7baaaa98608134824737ef0da57cdaf469f39b3c9e2e00479211
ssdeep: 3072:FyBssVjZVznsLBDzUUH7m1DtH7HsUj/NIO+0EOFZ3E1z5tBrJg4NLthEjQT6:FyK+LsIDpj6O76Br+QEj
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B8248D4173D1F421C17727B09EDED7E52B247D22DFF6A70BB68ABBAD9E342450820A11
sha3_384: 6973d7968d44066a347c05b2f7f724a0f7903ce80322cbd087d33465f2a4ad8418798986ca0d45e65fc62e7bbe0380ca
ep_bytes: 60b9000000008a990010400080eb6388
timestamp: 2007-06-02 06:27:43

Version Info:

CompanyName: TODO:
FileDescription: TODO:
FileVersion: 1.0.0.1
InternalName: AdwTest.exe
LegalCopyright: TODO: (c) . All rights reserved.
OriginalFilename: AdwTest.exe
ProductName: TODO:
ProductVersion: 1.0.0.1
Translation: 0x0409 0x04e4

Win32:Pixoliz-AC [Trj] also known as:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
DrWeb: Trojan.MulDrop5.42246
MicroWorld-eScan: Trojan.Agent.DCBC
ClamAV: Win.Malware.Razy-9759519-0
FireEye: Generic.mg.78592b9013ba14fc
CAT-QuickHeal: Trojan.Mauvaise.SL1
Skyhigh: BehavesLike.Win32.Generic.dh
McAfee: GenericR-CVM!78592B9013BA
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Trojan.AgentGen.Win32.95
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005ac2dd1 )
K7GW: Trojan ( 005ac2dd1 )
Cybereason: malicious.6eab02
BitDefenderTheta: Gen:NN.ZexaF.36744.nq1@aiRt5@ai
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Agent.WTK
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Nobady.pef
BitDefender: Trojan.Agent.DCBC
NANO-Antivirus: Trojan.Win32.Patched.foubml
SUPERAntiSpyware: Trojan.Agent/Gen-MulDrop
Avast: Win32:Pixoliz-AC [Trj]
Tencent: Trojan.Win32.Agent.zl
Sophos: Mal/Agent-AWE
F-Secure: Trojan.TR/Crypt.ZPACK.Gen7
VIPRE: Trojan.Agent.DCBC
Emsisoft: Trojan.Agent.DCBC (B)
Ikarus: Trojan.Win32.Aenjaris
Jiangmin: Trojan.Nobady.bfez
Google: Detected
Avira: TR/Crypt.ZPACK.Gen7
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Win32.Agent.wtk
Kingsoft: malware.kb.a.948
Microsoft: Trojan:Win32/Aenjaris.AL!bit
Xcitium: TrojWare.Win32.Agent.A@5j9hfe
Arcabit: Trojan.Agent.DCBC
ZoneAlarm: HEUR:Trojan.Win32.Nobady.pef
GData: Trojan.Agent.DCBC
Varist: W32/S-6053bf39!Eldorado
AhnLab-V3: Trojan/Win32.Agent.R136020
VBA32: SScope.Malware-Cryptor.Aenjaris
ALYac: Trojan.Agent.DCBC
TACHYON: Trojan/W32.Agent.213000.BO
Cylance: unsafe
Panda: Trj/Genetic.gen
Zoner: Trojan.Win32.29145
Rising: Trojan.Aenjaris!8.E521 (TFE:2:sa7eFKzapTS)
Yandex: Trojan.GenAsa!v/swy7PpdTc
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Agent.WTK!tr
AVG: Win32:Pixoliz-AC [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Win32:Pixoliz-AC [Trj]?

Win32:Pixoliz-AC [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
