Trojan

Trojan.Win32.Witch.ghs malicious file

Malware Removal

The Trojan.Win32.Witch.ghs is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan.Win32.Witch.ghs virus can do?

    How to determine Trojan.Win32.Witch.ghs?

    

    File Info:
    
crc32: 655323DE
    md5: 6ab1ec63e2fffc004458913a3cc719ff
    name: 6AB1EC63E2FFFC004458913A3CC719FF.mlw
    sha1: e572879e1a1874871e2d0b6791ab91bfd3b4d315
    sha256: 8d2e7eee5fce832b9bf39b2235c0a8567060aefd46b3660af5582990b0b83c10
    sha512: a7d88817b22e3857397977356ae1f03ab987c39e7a38bb6fc4f045910b1631f0785711a73de30d633f9c1a8ffb34b750be87d12a1590dc4957e5308e816a3fb1
    ssdeep: 98304:91OwH+OCY9PtOJ7KDS9Pr7u6wDzquBMxmayPFWYZlHQKD6b/DLrdLmysRs7i:91OwejC6vuBfbCmddWYvQy6brRhi
    type: PE32 executable (GUI) Intel 80386, for MS Windows
    

    Version Info:
    
LegalCopyright: Copyright (c) 1999-2010 Igor Pavlov
    InternalName: 7zS.sfx
    FileVersion: 9.20
    CompanyName: Igor Pavlov
    ProductName: 7-Zip
    ProductVersion: 9.20
    FileDescription: 7z Setup SFX
    OriginalFilename: 7zS.sfx.exe
    Translation: 0x0409 0x04b0

    Trojan.Win32.Witch.ghs also known as:

    K7AntiVirusAdware ( 00581def1 )
    Elasticmalicious (high confidence)
    DrWebTrojan.MulDrop18.46369
    CynetMalicious (score: 100)
    ALYacGen:Variant.Jaik.48175
    CylanceUnsafe
    K7GWAdware ( 00581def1 )
    SymantecML.Attribute.HighConfidence
    ESET-NOD32a variant of Win32/Adware.Neoreklami.LI
    APEXMalicious
    AvastWin32:Adware-gen [Adw]
    KasperskyTrojan.Win32.Witch.ghs
    BitDefenderGen:Variant.Jaik.48175
    MicroWorld-eScanGen:Variant.Jaik.48175
    Ad-AwareGen:Variant.Jaik.48175
    SophosMal/Generic-S
    BitDefenderThetaGen:NN.ZexaF.34236.@JW@ae0yKxi
    McAfee-GW-EditionGenericRXQG-KA!2198953FD517
    FireEyeGen:Variant.Jaik.48175
    EmsisoftGen:Variant.Jaik.48175 (B)
    SentinelOneStatic AI – Malicious SFX
    JiangminTrojan.Multi.equ
    AviraADWARE/Neoreklami.rfuqv
    ArcabitTrojan.Jaik.DBC2F
    ZoneAlarmTrojan.Win32.Witch.ghs
    GDataGen:Variant.Jaik.48175
    AhnLab-V3Malware/Win.Generic.C4750105
    McAfeeArtemis!6AB1EC63E2FF
    MAXmalware (ai score=86)
    VBA32Trojan.Wacatac
    MalwarebytesAdware.Neoreklami
    PandaTrj/CI.A
    RisingTrojan.Generic@ML.88 (RDMK:Tpw/GvSfvteRFFwa0WrjuA)
    IkarusPUA.Neoreklami
    FortinetAdware/Neoreklami
    AVGWin32:Adware-gen [Adw]

    How to remove Trojan.Win32.Witch.ghs?

    Trojan.Win32.Witch.ghs removal tool
    • Download and install GridinSoft Anti-Malware.
    • Open GridinSoft Anti-Malware and perform a “Standard scan“.
    • Move to quarantine” all items.
    • Open “Tools” tab – Press “Reset Browser Settings“.
    • Select proper browser and options – Click “Reset”.
    • Restart your computer.

    You may also like

    About the author

    Paul Valéry

    I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

    View all posts

    Leave a Comment