Should I remove “Win32:Reveton-LG [Trj]”?

Win32:Reveton-LG [Trj] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32:Reveton-LG [Trj] virus do?

  • At least one process apparently crashed during execution
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Russian
  • Authenticode signature is invalid

How to identify Win32:Reveton-LG [Trj]?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-12-27 12:26:56

Version Info:

0: [No Data]

Win32:Reveton-LG [Trj] also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Symmi.8447
FireEye: Generic.mg.f803a3abd7a925f5
McAfee: Ransom-FAYW!F803A3ABD7A9
Cylance: Unsafe
Zillya: Trojan.Gimemo.Win32.4638
Sangfor: Trojan.Win32.Generic.ky
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanPSW:Win32/Reveton.9f4fcb79
K7GW: Spyware ( 0029a43a1 )
K7AntiVirus: Spyware ( 0029a43a1 )
Cyren: W32/S-303308cc!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Spy.Zbot.AAO
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.Gimemo-9866697-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Symmi.8447
NANO-Antivirus: Trojan.Win32.Panda.bqpqmc
SUPERAntiSpyware: Trojan.Agent/Gen-Undef
Tencent: Malware.Win32.Gencirc.114cd95e
Ad-Aware: Gen:Variant.Symmi.8447
Emsisoft: Gen:Variant.Symmi.8447 (B)
Comodo: Malware@#g5ga63o684m3
DrWeb: Trojan.PWS.Panda.2401
VIPRE: Backdoor.Win32.Tofsee.fa (v)
TrendMicro: TROJ_GEN.R002C0PB922
McAfee-GW-Edition: BehavesLike.Win32.Packed.dc
Sophos: Mal/Generic-R + Troj/Zbot-DTB
Ikarus: Trojan-Ransom.Gimemo
GData: Gen:Variant.Symmi.8447
Jiangmin: Trojan.Generic.ccbcj
Avira: HEUR/AGEN.1213866
Antiy-AVL: Trojan[Ransom]/Win32.Gimemo
Kingsoft: Win32.Troj.Undef.(kcloud)
Gridinsoft: Ransom.Win32.Zbot.sa
Arcabit: Trojan.Symmi.D20FF
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: PWS:Win32/Zbot!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Gimemo.R49601
BitDefenderTheta: Gen:NN.ZexaF.34232.qqZ@ae3qESnc
ALYac: Gen:Variant.Symmi.8447
MAX: malware (ai score=100)
VBA32: BScope.TrojanPSW.Panda
Malwarebytes: Malware.AI.2975062661
Panda: Trj/Sinowal.WWG
TrendMicro-HouseCall: TROJ_GEN.R002C0PB922
Rising: Backdoor.Tofsee!8.1E9 (RDMK:cmRtazqbEaxFSo8CE7i4Aqp5gAZK)
Yandex: Trojan.GenAsa!kLYGtewQ3sQ
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/Kryptik.AREG!tr
Webroot: W32.Infostealer.Zeus
AVG: Win32:Reveton-LG [Trj]
Cybereason: malicious.bd7a92
Avast: Win32:Reveton-LG [Trj]

How to remove Win32:Reveton-LG [Trj]?

Win32:Reveton-LG [Trj] removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.