Worm:Win32/Protoride.H removal guide

The Worm:Win32/Protoride.H is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Worm:Win32/Protoride.H virus can do?

Unconventionial language used in binary resources: Spanish (Argentina)
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Installs itself for autorun at Windows startup

Related domains:

BiTe.nightrun.com.ar

BiTe.beztia.com.ar

BiTe.damaged.com.ar

How to determine Worm:Win32/Protoride.H?


File Info:
crc32: 8C76A2F2
md5: 3af36e889bb55cff9f3a8c5ec92bd6b1
name: 3AF36E889BB55CFF9F3A8C5EC92BD6B1.mlw
sha1: 4afbea7c03339a4e18e2a07a3e6a16dc716906b1
sha256: b6c89d2112d6e2a15a056f72284d9c962cc85066ea6aa955563765613c49f8c1
sha512: 7d267b6bd81f8d8a954fd83041f1c0cdcc485a45ef2d835e050a18c090bd0d8a9d7e208926e7bd948daffc18832132224153c16a3b232e545deabbbc784579bd
ssdeep: 1536:4pnKVIl/P2xqKXvs/d4b/Et5NspBvM0TlO+b81fxA:2KVQ/Pdek/H/2lO+b8lxA
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:
LegalCopyright: Copyright BeyonDxa9 TechNoloGieS 2003
InternalName: Pty2Ride
FileVersion: 2, 3, 0, 0
CompanyName: BeyonD aDvanceD TechNoloGies
PrivateBuild: 
LegalTrademarks: BeyonD enGine
Comments: Creado Orgullosamente en Argentina - Made In Argentina
ProductName: BeyonD TechNoloGies ProtoType_v2
SpecialBuild: 
ProductVersion: 2, 3, 0, 0
FileDescription: ProtoType v2.3.0 build 500
OriginalFilename: Rd2.exe
Translation: 0x2c0a 0x04b0

Worm:Win32/Protoride.H also known as:

Lionic	Trojan.HTML.IFrame.8!c
Elastic	malicious (high confidence)
DrWeb	BackDoor.IRC.Cirilico
Cynet	Malicious (score: 100)
CMC	Generic.Win32.3af36e889b!MD
ALYac	Trojan.JS.Iframe.AGG
Cylance	Unsafe
Zillya	Worm.Protoride.Win32.1
Sangfor	Worm.Win32.Protoride.H
Alibaba	Worm:Win32/Protoride.7f2c18b5
Cybereason	malicious.89bb55
Cyren	W32/IRCBot-basedB_DET!Eldorado
Symantec	W32.Protoride.Worm
ESET-NOD32	Win32/Protoride.I
APEX	Malicious
Avast	Win32:Protoride-B@UPX [Wrm]
ClamAV	Win.Worm.Protoride-1
Kaspersky	Trojan-Clicker.HTML.IFrame.rp
BitDefender	Trojan.JS.Iframe.AGG
NANO-Antivirus	Trojan.Win32.Protoride.ennh
ViRobot	Worm.Win32.A.Net-Protoride.59392.A[UPX]
MicroWorld-eScan	Trojan.JS.Iframe.AGG
Tencent	Win32.Trojan.Iframe.Loid
Ad-Aware	Trojan.JS.Iframe.AGG
Sophos	Mal/Generic-R + W32/Protori-Gen
Comodo	Worm.Win32.Protoride.I@4fdz
BitDefenderTheta	AI:Packer.C9D09C4D21
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	WORM_PROTORIDE.F
McAfee-GW-Edition	W32/Protoride.worm
FireEye	Generic.mg.3af36e889bb55cff
Emsisoft	Trojan.JS.Iframe.AGG (B)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Worm/Protoride.aq
Webroot	Worm:Win32/Protoride.H
Avira	TR/Spy.Banker.vk.1
Antiy-AVL	Trojan/Generic.ASMalwS.DB892
Microsoft	Worm:Win32/Protoride.H
Arcabit	Trojan.JS.Iframe.AGG
GData	Trojan.JS.Iframe.AGG
AhnLab-V3	Worm/Win32.IRCBot.C8563
McAfee	Artemis!3AF36E889BB5
MAX	malware (ai score=100)
VBA32	BScope.Trojan.IRCbot
Panda	W32/Protoride.gen.worm
TrendMicro-HouseCall	WORM_PROTORIDE.F
Rising	Worm.Toride.a (CLASSIC)
Yandex	Trojan.GenAsa!jN/PcjxcFXU
Ikarus	Net-Worm.Win32.Protoride
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Protoride.C!worm
AVG	Win32:Protoride-B@UPX [Wrm]
Qihoo-360	Win32/Ransom.RotorCrypt.HwsBEpsA

How to remove Worm:Win32/Protoride.H?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Worm:Win32/Protoride.H removal guide