GridinSoft Threat Intelligence

Trojan detection reports

Malware disguised as legitimate software or delivered through deceptive packaging.

Detection category

Trojan threat reports

Malware disguised as legitimate software or delivered through deceptive packaging. ThreatInfo groups these records so analysts and users can review related filenames, hashes, and GridinSoft detection names from one place.

Trojan reports focus on files that imitate legitimate software or arrive through deceptive packaging.

Indexed reports 7,307

Latest shown 60

Detected 58

Observed detection families

Common Trojan verdicts

These are the most frequent GridinSoft detection names in the latest reports shown below. Repeated families help users recognize whether a file belongs to a broader campaign or bundled software cluster.

General Threat 12 reports

Trojan.Agent 11 reports

Trojan.Gen 10 reports

Trojan.CoinMiner 5 reports

Adware.ELEX 2 reports

Hack.KMS 2 reports

Adware.Downloader 1 reports

Hack.Gen 1 reports

Analyst focus

What to check first

For Trojan triage, verify the hash and origin first, then scan the system for related files created at the same time.

A familiar filename with an unfamiliar hash, publisher, or install location.
Unexpected network activity, loaders, droppers, or secondary payload behavior.
Reports where signed metadata and observed behavior do not agree.

Frequent metadata

Publishers and products

Publishers Tukero[X]Team 3 MDL Forum, mod by Ratiborus 2 AutoIt Team 1 Avira GmbH 1 BKIS 1 DumpTeam 2010 1

Products TNod User @amp; Password Finder 3 KMS Server Emulator Service (XP) 2 ADTV 1 Audition Client Patcher 1 AutoClick 1 AutoIt v3 Script 1

GridinSoft Anti-Malware

Scan for Trojan detections

If a file from this category appears on your computer, verify the exact report and run a full system scan. GridinSoft Anti-Malware is used to detect and remove threats listed in ThreatInfo reports.

Download scanner

01 Match the hash

Use the MD5 value from the report. A filename alone is not enough because unrelated files can share the same name.

02 Review origin

Check the publisher, product name, certificate, and file path for mismatches or unfamiliar install locations.

03 Scan and remove

If the file is unexpected, scan the device and remove related startup entries, bundled components, and leftover files.

Recent reports

Latest Trojan file records

A0213255.exe 9e1742bff2f3c04b2c1c572aff146564 Under review $RLV564L.exe eedb9d86ae8abc65fa7ac7c6323d4e8f Trojan.CoinMiner instsh_x86.exe 3afeb8e9af02a33ff71bf2f6751cae3a Trojan.CoinMiner 華硊楷票馱撿V3.2.exe eb517f06479141a7e9f2b40cc2ec1d7e Trojan.Agent AutoClick 2.2_2.exe cbcfaeb22e4847a6b1c33bb520b6920a Trojan.Agent 32.exe 87bcefddbb591c34932d5218c1862702 Trojan.Agent vCrack 2017.exe b21fe8bd5f4df84328a6b39818bbb7c5 Trojan.Agent ADOBE CS5.5 KEYGEN.exe df9f6bfca92822cc878eac8faeecdf50 General Threat MaxxAudioMeters64.exe 030b0e978bee347e9a671a7bea4501fe Under review kmservice.exe 9e97011c50db3f6bc6a4b21be5197a1e Trojan.HackKMS A0008667.exe 5d4a433038eebee8950a0ae024cc9997 Trojan.Agent IObit Driver Booster Pro 4.4.0.512.exe 1d95f7c9135fefc44b34ef89a26de425 Ransom.Wacatac Conv.Icones.exe 6cf7eb5d6a39b07e09a9514cd10c22c9 Trojan.Gen KEYGEN.exe 60beb6ee9c05f8fff2ab1452dd9a7b33 General Threat A0003714.dll d448a4727cca91df7ac0126a22830759 Trojan.Agent LOADER_5_4.exe a3996c7d739dbf4ea31aef8a3995bc0b General Threat IEXPL0RE.EXE d9ec6f3a3b2ac7cd5eef07bd86e3efbc Trojan.CoinMiner gAutoKMS.exe a351f99236a011d4027886215b843317 Trojan.Agent timetasks.exe.vir fb1f04fb851fe921aec9148495669c55 Adware.Downloader oem-drv64.sys ff86bedaff2a06f098959a64b0758fb2 General Threat cdeath.exe 8f6f4725e2006be1ef00755854464d90 Worm.Autorun Counter-Strike Global Offensive.exe 219c9cb02bf4cd60fdb0acc1b8b16649 Trojan.Gen Es4.RunTask.exe b5cd242124951360780192e75306fd8a Trojan.Agent uninstall.exe 9da0bc2665206038d37f634c4d1dfd96 Trojan.Gen ScpUpdater.exe 992093482ab15e260bf747bf74cec0d6 Trojan.CoinMiner easydiskdriverepair.exe 65919e61428bdaf8a0826fbf277f66cf General Threat Adobe CS4 Master Collection Keyken.exe 9427ea4a025409bcd86c3a8c90e9d160 General Threat pes2014.exe 0d46b2474ce246ab978df823f24c6223 Trojan.Packed TNODUP.exe f8daaaa06758d3f746aa1958952a3268 Hack.Gen 64bit.).2016-patch MrSzzS.exe 5325db41669aea870e16f48fbaa5dc22 Hack.Patcher EUtil_amd64.sys e8a8772835bb378f4d6b744cd0f299d9 Trojan.Gen patcher.exe 3e16ef6d9fd607e0d8e9c373aa7bbbb0 Trojan.Wacatac Keygen.exe 0ff7b0aa3840d67bfef3a7c77c26468b Trojan.Keygen hdtask.exe edc7eb442a17faeb8bc02a7c16551bf1 PUP.SpeedUpMyPC fraps_ru.exe.quarantined 5a5c0885cf60d6f6f39c5db45e5e1211 Trojan.Gen KMSSS.exe 144cf3238e59f210646bdc6dd2ba631f Hack.KMS 1.exe b3f804bc737b0b59f1e0188964908041 Trojan.CoinMiner keygen.exe 2636801a85d56cf5c8ed6d3d08827571 General Threat Main.exe a7a82952b1b3181f4897bd5f3d8d96ec Trojan.Gen TNod-1.4.2.3.exe 57712fe52623737e2313d63494ec5ec5 General Threat CryEA(1).dll f7cd1b54e619e20add6d40148e301e59 Trojan.Agent NEW (3).exe 25a283f9dcaa5799876a4ae94a0ca385 Ransom.Blocker patineta.exe d03a8e1030a28df3fcf7f7317afd4a38 Spy.Keylogger meteorito.exe c6b54a1471fd7ae270cc1ee690443143 General Threat A0029758.EXE bf4621961fe9765b08349ab5c88cc962 General Threat 105044842.exe fe0b79c90bf882a4404de4dff046d331 Hack.KMS cat.exe b29df7d4c1d480e1680ff9a0922f6039 Adware.ELEX helper.exe bab6a34666c2e14b1db995f7617f4851 Trojan.Gen A.I_1003H.EXE 3d5fa6d9aa8cf0087e59296463598c2e Suspicious Object FixAttrb ()Khoi phuc du lieu an).exe 81ecb3e505949726364bfd699603fd59 Trojan.Gen WinSAP.dll 9896325e7b2c61e0c083789794feef14 Adware.ELEX movie.exe beb94fb30a410fb4c0ea1c67e2c8ed80 Trojan.Agent sIXlNZGO.exe 1d92c741bc5b2d34dcd0a0265ab54275 Trojan.Kryptik checkupdate.exe 6d9e1356a9c1b5f36698faff9205e34a Trojan.Gen A0005624.exe 271fc11622cbbb3abfdc174e38b9b390 General Threat vusbbus.sys 631cb85802785e004afa0194284d0786 Trojan.Agent tscitres.exe ad5e6eb33f8b6b48fab6d9ab3e1212c1 Trojan.Autoit rfagent64.exe 2f7aba8d94d5063a430d532d9066ab74 PUP.Gen Office 2013 KMS Activator Ultimate v1.5 Portable.exe 01d7ba8d3e97a71e0a2689d4b50c0364 General Threat ADTVScheduleAgent.exe af953c9367340b9f084405f8180a9af0 Trojan.Gen

Questions

Trojan FAQ

How should I use this category page?

Use it to find recent reports in the same detection family, then open the exact file report and compare the hash, publisher, path, and detection name.

Why can the same filename have different verdicts?

Attackers and bundlers often reuse common filenames, so the MD5 hash and metadata are more reliable than the name alone.

What should I do if a listed file exists on my device?

Do not rely on the filename only. Verify the hash, review the file location, and run a full system scan before keeping or removing it.