Trojan

Should I remove “Trojan.Win32.Witch.ghq”?

Malware Removal

The Trojan.Win32.Witch.ghq is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan.Win32.Witch.ghq virus can do?

    How to determine Trojan.Win32.Witch.ghq?

    

    File Info:
    
crc32: F979B795
    md5: f4dc5e24b8eac8e2852edff3c63f79a0
    name: F4DC5E24B8EAC8E2852EDFF3C63F79A0.mlw
    sha1: 75434e3a3d6544402c4e8f79bb9ebb2a4829bfc5
    sha256: b823f797888ae4acb7ec2038e56ad95924544b58abe4c1b95ffa8994d2d81099
    sha512: 832462ed49ab78a3d5f6818a33b1dfb379efd155f021e046e493f3f8f5f721e54269080cedea8665ba8b56d943c4dd844847d8f1aba33ad36e6c73f74462b983
    ssdeep: 196608:91OXDAmt7HXg5HFr7R8jzHJ5DzcfMXGAu:3OcigZFWjzHJVkAu
    type: PE32 executable (GUI) Intel 80386, for MS Windows
    

    Version Info:
    
LegalCopyright: Copyright (c) 1999-2010 Igor Pavlov
    InternalName: 7zS.sfx
    FileVersion: 9.20
    CompanyName: Igor Pavlov
    ProductName: 7-Zip
    ProductVersion: 9.20
    FileDescription: 7z Setup SFX
    OriginalFilename: 7zS.sfx.exe
    Translation: 0x0409 0x04b0

    Trojan.Win32.Witch.ghq also known as:

    Elasticmalicious (high confidence)
    CynetMalicious (score: 100)
    ALYacGen:Variant.Jaik.48175
    CylanceUnsafe
    AlibabaTrojan:Win32/Witch.727f37f9
    SymantecML.Attribute.HighConfidence
    ESET-NOD32a variant of Win32/Adware.Neoreklami.LI
    APEXMalicious
    AvastWin32:Adware-gen [Adw]
    KasperskyTrojan.Win32.Witch.ghq
    BitDefenderGen:Variant.Jaik.48175
    MicroWorld-eScanGen:Variant.Jaik.48175
    Ad-AwareGen:Variant.Jaik.48175
    SophosGeneric ML PUA (PUA)
    BitDefenderThetaGen:NN.ZexaF.34236.@JW@a8w@SUb
    McAfee-GW-EditionGenericRXQG-KA!82961BCD671D
    FireEyeGen:Variant.Jaik.48175
    EmsisoftGen:Variant.Jaik.48175 (B)
    SentinelOneStatic AI – Malicious SFX
    JiangminTrojan.Multi.equ
    AviraADWARE/Neoreklami.rfuqv
    MicrosoftTrojan:Win32/Wacatac.A!ml
    GDataGen:Variant.Jaik.48175
    AhnLab-V3Malware/Win.Generic.C4750024
    McAfeeArtemis!F4DC5E24B8EA
    MAXmalware (ai score=89)
    VBA32Trojan.Wacatac
    MalwarebytesAdware.Neoreklami
    PandaTrj/CI.A
    RisingTrojan.Generic@ML.88 (RDMK:Tpw/GvSfvteRFFwa0WrjuA)
    IkarusPUA.Neoreklami
    FortinetAdware/Neoreklami
    AVGWin32:Adware-gen [Adw]
    Paloaltogeneric.ml

    How to remove Trojan.Win32.Witch.ghq?

    Trojan.Win32.Witch.ghq removal tool
    • Download and install GridinSoft Anti-Malware.
    • Open GridinSoft Anti-Malware and perform a “Standard scan“.
    • Move to quarantine” all items.
    • Open “Tools” tab – Press “Reset Browser Settings“.
    • Select proper browser and options – Click “Reset”.
    • Restart your computer.

    You may also like

    About the author

    Paul Valéry

    I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

    View all posts

    Leave a Comment