Trojan

How to remove “Trojan.Win32.Witch.gjs”?

Malware Removal

The Trojan.Win32.Witch.gjs is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan.Win32.Witch.gjs virus can do?

  • Reads data out of its own binary image
  • Drops a binary and executes it
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Network activity detected but not expressed in API logs
  • Attempts to disable Windows Defender

How to determine Trojan.Win32.Witch.gjs?



File Info:

crc32: 2F8D2C88
md5: 08a41ce5bb366fa88b0a6ad9feae352f
name: 08A41CE5BB366FA88B0A6AD9FEAE352F.mlw
sha1: ae5722665374728d9f455b9d86016a4f2eb73f80
sha256: 7f4b01d04010b711b5dde08c9e75ac0e403df7f21ff01f9a65986078da0f34de
sha512: 8c22ae7044b19abe1977fefc0ec6df3af3ffdede4bf8f04b8f29e6ef6b74952d24843316230aba7e12be6b5993ae8e18da50e6f7778e4e5cb8b1185bacf9abe7
ssdeep: 98304:91OhuOxf+egcnIx6IMj9bRxdAzsEob8Usl8xo8xwO5M9CjQSoh1nqiFBCw:91OJxHcIvQzsImxjxwO93obnv6w
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: Copyright (c) 1999-2010 Igor Pavlov
InternalName: 7zS.sfx
FileVersion: 9.20
CompanyName: Igor Pavlov
ProductName: 7-Zip
ProductVersion: 9.20
FileDescription: 7z Setup SFX
OriginalFilename: 7zS.sfx.exe
Translation: 0x0409 0x04b0

Trojan.Win32.Witch.gjs also known as:

LionicTrojan.Win32.Witch.4!c
Elasticmalicious (high confidence)
DrWebTrojan.MulDrop18.46787
ALYacGen:Variant.Jaik.48175
MalwarebytesAdware.Neoreklami
AlibabaTrojan:Win32/Witch.86a1dc0b
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Adware.Neoreklami.LI
APEXMalicious
AvastWin32:Adware-gen [Adw]
CynetMalicious (score: 100)
KasperskyTrojan.Win32.Witch.gjs
BitDefenderGen:Variant.Jaik.48175
MicroWorld-eScanGen:Variant.Jaik.48175
Ad-AwareGen:Variant.Jaik.48175
SophosGeneric PUA KO (PUA)
BitDefenderThetaGen:NN.ZexaF.34266.@JW@aGkWM9p
TrendMicroTROJ_GEN.R002C0WK421
McAfee-GW-EditionBehavesLike.Win32.Dropper.vc
FireEyeGen:Variant.Jaik.48175
EmsisoftGen:Variant.Jaik.48175 (B)
SentinelOneStatic AI – Malicious SFX
AviraTR/ATRAPS.Gen4
MicrosoftTrojan:Win32/Wacatac.A!ml
ArcabitTrojan.Jaik.DBC2F
GDataGen:Variant.Jaik.48175
McAfeeArtemis!08A41CE5BB36
MAXmalware (ai score=84)
TrendMicro-HouseCallTROJ_GEN.R002H07K421
RisingTrojan.Generic@ML.86 (RDMK:6P5XG+xcBL1O/bpXKdpbOA)
FortinetAdware/Neoreklami
AVGWin32:Adware-gen [Adw]
Paloaltogeneric.ml

How to remove Trojan.Win32.Witch.gjs?

Trojan.Win32.Witch.gjs removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment