Trojan.Orbus.A4 removal instruction

The Trojan.Orbus.A4 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Orbus.A4 virus can do?

Authenticode signature is invalid

How to determine Trojan.Orbus.A4?


File Info:
name: 48980D3E8F6C35D182F0.mlw
path: /opt/CAPEv2/storage/binaries/8b254fe5085168b6d52bda56799cec62d1a2e624c9e61c6a83520b491448226e
crc32: 0812BC5C
md5: 48980d3e8f6c35d182f0a8b37c4b4373
sha1: ff44c4a5e33ced33de755b5710c816379d9d1d33
sha256: 8b254fe5085168b6d52bda56799cec62d1a2e624c9e61c6a83520b491448226e
sha512: 7e6fce4f9ec40350025219a7c575456e2073e4a624ce974cf508c134e7c8d772efa881f3bce9f19ae851a77abab82d3da1c821cc95c79666b4d6ae76360a9efe
ssdeep: 12:etGSG4Mvem/fAqTGH+OKGVm5D7pbXzFOUzdNLBX/xiZgH8LBJYU1+Ecafg:etGSGGqTGpwTXzFLz3LBvxiZjNyUcEv
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15C71238357A9D5B3C1DE5FF002839244F6FB22384B6330244B6255CAEB70A7A64B8F04
sha3_384: c82afa01f6db6725a063d531f2379bc87f547d8740dbb04e50807918a65dc3e98a122aa8e468f2b3f0e96f31262e6cc9
ep_bytes: 6a00e8ef000000a320324000e8df0000
timestamp: 2012-07-10 08:40:43

Version Info:
0: [No Data]

Trojan.Orbus.A4 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Tiny.tohS
MicroWorld-eScan	Gen:Variant.Barys.320571
FireEye	Generic.mg.48980d3e8f6c35d1
CAT-QuickHeal	Trojan.Orbus.A4
ALYac	Gen:Variant.Barys.320571
Malwarebytes	Trojan.Tiny
VIPRE	Gen:Variant.Barys.320571
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 004c36c31 )
Alibaba	Trojan:Win32/Orbus.f74c6e23
K7GW	Trojan ( 004c36c31 )
Cybereason	malicious.e8f6c3
Baidu	Win32.Trojan.Agent.ez
VirIT	Trojan.Win32.Generic.BHY
Cyren	W32/Agent.PI.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	Win32/Agent.PGA
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	Trojan.Win32.Tiny.cm
BitDefender	Gen:Variant.Barys.320571
NANO-Antivirus	Trojan.Win32.Clicker.cqkxir
SUPERAntiSpyware	Trojan.Agent/Gen-Backdoor
Avast	Win32:Evo-gen [Trj]
Tencent	Trojan.Win32.Tiny.wb
Emsisoft	Gen:Variant.Barys.320571 (B)
F-Secure	Trojan.TR/Rogue.7909438
DrWeb	Trojan.Click2.48861
TrendMicro	TROJ_AGENT_BK0836F7.TOMC
McAfee-GW-Edition	Trojan-FDSZ!48980D3E8F6C
Trapmine	malicious.moderate.ml.score
Sophos	Troj/Agent-AHOA
Ikarus	Trojan.Win32.Agent
GData	Gen:Variant.Barys.320571
Jiangmin	Trojan/Genome.cgew
Webroot	W32.Rogue.Gen
Avira	TR/Rogue.7909438
MAX	malware (ai score=82)
Antiy-AVL	Trojan/Win32.Genome
Xcitium	TrojWare.Win32.Agent.jety@4qvpub
Arcabit	Trojan.Barys.D4E43B
ViRobot	Trojan.Win.Z.Agent.3584.VE
ZoneAlarm	Trojan.Win32.Tiny.cm
Microsoft	Trojan:Win32/Orbus
Google	Detected
AhnLab-V3	Trojan/Win32.Tiny.R291211
McAfee	Trojan-FDSZ!48980D3E8F6C
TACHYON	Trojan/W32.Small.3584.GK
VBA32	Trojan.Tiny
Cylance	unsafe
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_AGENT_BK0836F7.TOMC
Rising	Trojan.Win32.Lati.a (CLASSIC)
Yandex	Trojan.GenAsa!cfla6IaAj1Y
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Agent.PGA!tr
AVG	Win32:Evo-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Trojan.Orbus.A4?

Trojan.Orbus.A4 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X