In this message, I am going to explain how the Petus trojan injected into your computer, and how to get rid of Petus trojan virus.
What is Petus trojan?
| Name | Petus |
| Infection Type | Trojan |
| Symptoms |
|
| Similar behavior | Fraud, Pterodo, PLEAD, Dynara, StealC, Kepiten |
| Fix Tool |
See If Your System Has Been Affected by Petus trojan |
The name of this kind of malware is a reference to a widely known tale regarding Trojan Horse, that was operated by Greeks to enter the city of Troy and win the war. Like a dummy horse that was left for trojans as a present, Petus trojan virus is distributed like something legit, or, at least, valuable. Harmful apps are stashing inside of the Petus trojan virus, like Greeks inside of a massive wooden dummy of a horse.1Trojan viruses are one of the leading malware types by its injection frequency for quite a long period of time. And currently, during the pandemic, when malware got immensely active, trojan viruses boosted their activity, too. You can see a number of messages on diverse sources, where users are complaining concerning the Petus trojan virus in their computers, as well as requesting for assisting with Petus trojan virus elimination.
Trojan Petus is a kind of virus that injects into your PC, and afterwards executes a wide range of malicious features. These features depend upon a sort of Petus trojan: it may act as a downloader for other malware or as a launcher for an additional harmful program which is downloaded together with the Petus trojan virus. During the last two years, trojans are additionally dispersed with e-mail add-ons, and most of situations used for phishing or ransomware injection.
Petus2 also known as
| Bkav | W32.Common.E899B612 |
| Lionic | Trojan.Win32.Agent.liOU |
| Elastic | malicious (high confidence) |
| MicroWorld-eScan | Gen:Variant.Graftor.32137 |
| FireEye | Generic.mg.f59fff19621f4212 |
| CAT-QuickHeal | Trojan.PRI.S27249689 |
| Skyhigh | BehavesLike.Win32.Generic.lh |
| McAfee | Artemis!F59FFF19621F |
| Cylance | unsafe |
| Zillya | Downloader.Agent.Win32.71217 |
| Sangfor | Downloader.Win32.Petus.Vqy9 |
| CrowdStrike | win/malicious_confidence_100% (D) |
| Alibaba | TrojanDownloader:Win32/Petus.339c52f4 |
| K7GW | Riskware ( 0040eff71 ) |
| K7AntiVirus | Riskware ( 0040eff71 ) |
| Arcabit | Trojan.Graftor.D7D89 |
| Baidu | Win32.Trojan-Downloader.Agent.gw |
| VirIT | Trojan.Win32.Agent.ANNW |
| Symantec | Downloader |
| ESET-NOD32 | Win32/TrojanDownloader.Agent.RGC |
| Cynet | Malicious (score: 100) |
| APEX | Malicious |
| ClamAV | Win.Downloader.112906-1 |
| Kaspersky | HEUR:Trojan.Win32.Generic |
| BitDefender | Gen:Variant.Graftor.32137 |
| NANO-Antivirus | Trojan.Win32.Agent.covkhs |
| Avast | Win32:Trojan-gen |
| Tencent | Malware.Win32.Gencirc.10b3b846 |
| Emsisoft | Gen:Variant.Graftor.32137 (B) |
| F-Secure | Trojan.TR/Dldr.Rozena.D |
| DrWeb | Trojan.DownLoad2.14968 |
| VIPRE | Gen:Variant.Graftor.32137 |
| TrendMicro | TSPY_DOWNLOADER_CC16281A.RDXN |
| Sophos | Mal/Generic-S |
| Ikarus | Trojan-Dropper.Agent |
| Jiangmin | TrojanDownloader.Agent.cgls |
| Varist | W32/Petus.ZETR-5828 |
| Avira | TR/Dldr.Rozena.D |
| Antiy-AVL | Trojan[Downloader]/Win32.Agent |
| Kingsoft | Win32.Trojan.Generic.a |
| Xcitium | TrojWare.Win32.Downloader.Agent.edng@4ldgmt |
| Microsoft | TrojanDownloader:Win32/Petus.A |
| ViRobot | Trojan.Win32.A.Downloader.72552 |
| ZoneAlarm | HEUR:Trojan.Win32.Generic |
| GData | Win32.Trojan.Agent.RXZSP4 |
| Detected | |
| BitDefenderTheta | Gen:NN.ZexaF.36608.euX@aWUEXEhj |
| ALYac | Gen:Variant.Graftor.32137 |
| MAX | malware (ai score=100) |
| Malwarebytes | Generic.Malware/Suspicious |
| Panda | Generic Malware |
| TrendMicro-HouseCall | TSPY_DOWNLOADER_CC16281A.RDXN |
| Rising | Trojan.DL.Win32.Undef.sly (CLASSIC) |
| Yandex | Trojan.DL.Agent!ADRDmWHaYbY |
| MaxSecure | Trojan.Malware.2154815.susgen |
| Fortinet | W32/Agent.QS!tr.dldr |
| AVG | Win32:Trojan-gen |
| Cybereason | malicious.77344b |
| DeepInstinct | MALICIOUS |
What are the symptoms of Petus trojan?
- A file was accessed within the Public folder.;
- Sample contains Overlay data;
- Reads data out of its own binary image;
- Unconventionial language used in binary resources: Chinese (Simplified);
- Authenticode signature is invalid;
- Attempts to modify proxy settings;
- Anomalous binary characteristics;
The common symptom of the Petus trojan virus is a progressive appearance of various malware – adware, browser hijackers, et cetera. As a result of the activity of these malicious programs, your personal computer ends up being extremely slow: malware consumes large quantities of RAM and CPU capacities.
Another visible effect of the Petus trojan virus presence is unfamiliar operations displayed in task manager. Sometimes, these processes may try to imitate system processes, however, you can understand that they are not legit by taking a look at the origin of these tasks. Quasi system applications and Petus trojan’s processes are always specified as a user’s processes, not as a system’s.
How to remove Petus trojan virus?
- Download and install Loaris Trojan Remover.
- Open Loaris and perform a “Standard scan“.
- “Move to quarantine” all items.
- Open “Tools” tab – Press “Reset Browser Settings“.
- Approve the reset pressing “Yes” button in the appeared window.
- Restart your computer.
To delete Petus trojan and also ensure that all extra malware, downloaded with the help of this trojan, will be removed, too, I’d suggest you to use Loaris Trojan Remover.
Petus trojan virus is pretty hard to eliminate by hand. Its pathways are pretty hard to track, and the modifications executed by the Petus trojan are hidden deeply within the system. So, the possibility that you will make your system 100% clean of trojans is quite low. And don't forget about malware that has been downloaded and install with the help of the Petus trojan virus. I assume these arguments suffice to assure that eliminating the trojan virus manually is a bad strategy.
Petus removal guide
To spot and eliminate all malicious programs on your personal computer using Loaris, it’s better to use Standard or Full scan. Removable scan, as well as Custom, will scan only specified locations, so these types of scans cannot provide the full information.
You can observe the detects during the scan process goes. However, to execute any actions against detected malware, you need to wait until the process is over, or to interrupt the scan.
To designate the specific action for each detected viruses, click the knob in front of the detection name of detected malware. By default, all malicious programs will be sent to quarantine.
How to remove Petus Trojan?
Name: Petus
Description: Trojan Petus is a kind of virus that infiltrates into your computer, and after that performs different destructive functions. These features depend upon a type of Petus trojan: it can act as a downloader for many other malware or as a launcher for another destructive program which is downloaded in addition to the Petus trojan. During the last two years, trojans are also dispersed via e-mail attachments, and most of situations utilized for phishing or ransomware infiltration.
Operating System: Windows
Application Category: Trojan
User Review
( votes)- What is Trojan Horse: https://en.wikipedia.org/wiki/Trojan_horse_(computing)
- Petus VirusTotal Report: https://www.virustotal.com/api/v3/files/b1640c1378889686968aa7121c4e3e70c491be42d008324e149311e8b61add46
