Cet article dévoile le nouveau cheval de Troie populaire, Win64:Génération de logiciels malveillants, mis en lumière par les systèmes antivirus Avast et Avg pour les fichiers suspects mais non classifiés. Unlike other trojans or viruses, Win64:Malware Gen shares certain similarities but also stands out in unique ways. Dive in for more details.
Avast Keeps Catching Virus: Win64:Malware-gen
I have this problem, where Avast keeps catching this virus called Win64:Malware over and over again for about 20 days now, and I’m not sure what I should do about it. I added the logs from Malwarebytes and the Farbar Recovery Scan Tool. The infected file is wmcodecs.dll and the location is C:\Windows\System32. I think the Avast background scanner is catching it. Maybe you could help me with this problem?<span class="su-quote-cite">Forum.avast.com</span>
What Is Win64 Malware Gen?
Avast Antivirus has designed and utilized Win64:Malware-gen as a heuristic detection method for identifying trojan horses generically. This malware, Win64 Malware gen exe, could manifest as ransomware, hijacking and encrypting files on the infected computer and demanding payment for their release.
Typically, the Win64:Malware-gen ransomware prompts victims to transfer money, aiming to mitigate the risks the trojan poses to the affected device.
The impacts on targeted computers generally include:
- Opening, editing, modifying, renaming, encrypting, moving, distributing, deleting, or destroying files.
- Conducting network activity undetected, as Win64:Malware-gen conceals its network activity despite Microsoft’s API in Windows OS designed to reveal such activity within the last 30 days.
- Blocking routine access to the infected workstation, a common tactic of viruses known as lockers, until the user pays a ransom.
How Does Win64:Malware-gen Infect a Computer?
Win64 Malware-gen infiltrates machines primarily through phishing emails or by users encountering harmful software online. Additional pathways include downloads from dubious sources, torrent websites, strange links, fake updates, and other insecure avenues.
How Does Win64 Malware Gen Work?
Upon infection, Win64:Malware-gen encrypts data or disrupts programs’ functionality. It then generates a ransom note demanding payment for data decryption or application unblocking, typically revealed upon reboot after hijacking.
The spread of Win64 Malware-Gen is global, adapting its ransom demands and notifications to local or regional nuances.
Par exemple, it may feign legal warnings about unlicensed software in some regions or masquerade as law enforcement elsewhere, demanding ransom for alleged illegal content found on the computer.
How to Detect a Win64 Malware-gen Infection?
Identifying a malware infection involves noting sudden computer slowdowns, unfamiliar processes, odd browser activities, antivirus alerts about undetectable threats, application issues, screen flickers, or unexpected shutdowns.
What Are the Negative Effects of Win64:Malware-gen?
Infected computers may experience:
- Additional malware installations.
- Fake update or program installation pop-ups.
- Engagement in click fraud.
- Inclusion in spam distribution or botnets.
- Remote hacker access for data theft, including keystrokes, website visits, and sensitive information via registry edits.
- Internet ad bombardments.
- Conversion of webpage text into hyperlinks.
- Sensitive data theft leads to fraudulent transactions, identity theft, and financial losses.
Win64:Malware-gen poses significant threats, not only by disrupting personal device functionality but also by endangering users’ financial and personal security.
Win64:Malware-gen Variants
| Antivirus | Détection |
|---|---|
| Alibaba Cloud Security Center | TrojanDropper:Win64/LaZagne.8fcc6442 |
| Avast | Win64:Malware-gen |
| MOYENNE | Win64:Malware-gen |
| Avira | HEUR/AGEN.1046641 |
| Bitdefender | Trojan.PasswordStealer.GenericKDS.33544129 |
| Web | Trojan.Siggen9.20767 |
| Emsisoft | Trojan.GenericKD.33545160 (B) |
| FireEye | Generic.mg.d08c3a2f1f530dcb |
| F-Secure | Heuristic.HEUR/AGEN.1046641 |
| GridinSoft | Trojan.Ransom.Gen |
| K7GW | Riskware ( 0040eff71 ) |
| Kaspersky | not-a-virus:HEUR:PSWTool.Python.LaZagne.gen |
| McAfee | Artemis!D08C3A2F1F53 |
| McAfee GW Edition | BehavesLike.Win32.Backdoor.vc |
| Microsoft | troyen:Win32/Occamy.C |
| Qihoo 360 | HEUR/QVM10.1.E9CF.Malware.Gen |
| Sophos | Generic PUA KE (PUA) |
| Symantec | Trojan.Gen.MBT |
| Trend Micro Apex One | Malicious |
| TrendMicro HouseCall | TROJ_GEN.R002H07CE20 |
Removing Win64:Malware-Gen Virus
Compte tenu de sa sophistication, detecting and removing Malware-Gen demands the utmost care. This virus known for hindering security software execution, vous oblige à contourner ces restrictions pour réussir la suppression et la récupération du système.
Loaris Trojan Remover stands out as the premier choice for eradicating the Win64 Malware-gen threat and restoring your system. It boasts an advanced scanning engine that detects malware in all forms and allows for targeted scans with its Custom Scan feature.
Pour naviguer dans les blocs d’exécution du ransomware, démarrez votre PC dans Mode sans échec avec réseau. Cela peut être fait via le panneau de dépannage en redémarrant votre PC tout en maintenant la touche Maj enfoncée., accéder aux paramètres de démarrage, et en sélectionnant Windows 10 Mode sans échec avec réseau.
En mode sans échec, lancez l'installateur de Loaris, suivez les instructions d'installation, et activez l'essai gratuit pour bénéficier de toutes les fonctionnalités.
Effectuer une analyse complète, consulter la liste des menaces détectées, et procédez aux actions de suppression recommandées.
