Trojan:Win32/BHO.EE removal instruction

The Trojan:Win32/BHO.EE is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:Win32/BHO.EE virus can do?

Unconventionial language used in binary resources: Korean
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Trojan:Win32/BHO.EE?


File Info:
name: C222C9B13CA1243F0FBB.mlw
path: /opt/CAPEv2/storage/binaries/62e8a598f95d40d2fc168c3ff6b093314fa2f6320caf088125f59d8f490a0010
crc32: D8E90B83
md5: c222c9b13ca1243f0fbb19f28ed46e1a
sha1: c3e987cd1a645086d6ce662dee27025318483df1
sha256: 62e8a598f95d40d2fc168c3ff6b093314fa2f6320caf088125f59d8f490a0010
sha512: 2ab84d5d61695c581d41d966827aedd0895b5b1616c568441d59d7cc3742d622c4a7f9d4bce30e30f8dc10f6f991ab43325839dcd065c93fd27c6ee14486aa14
ssdeep: 12288:9yA1ZdqVfv/6HftOIA3+00wstpSdCi3TLdLOGvZZbLCVBwL:N1fqZCHwIr00taCiHpbZZXC
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T193C47E36F2D08537D137267CCD1F92949829BE303D28A846BBD42F4C9F79652792E293
sha3_384: b273c8043cde64b7b18855341c9d9e7db41d594bae584dd163997d6163a35c466dded0410f233f0b0876127f1af20104
ep_bytes: 558bec83c4c4b8889d4700e864c3f8ff
timestamp: 1992-06-19 22:22:17

Version Info:
0: [No Data]

Trojan:Win32/BHO.EE also known as:

Bkav	W32.Common.7AF7B4DF
DrWeb	Trojan.DownLoader3.35876
MicroWorld-eScan	Gen:Variant.Adware.Graftor.1113
FireEye	Generic.mg.c222c9b13ca1243f
CAT-QuickHeal	Trojan.Bho.18280
Skyhigh	GenericRXGB-ZT!C222C9B13CA1
McAfee	GenericRXGB-ZT!C222C9B13CA1
Malwarebytes	Generic.Malware.AI.DDS
Zillya	Trojan.BHO.Win32.17769
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/grayware_confidence_90% (W)
Alibaba	Trojan:Win32/ATRAPS.72686818
K7GW	Trojan ( 7000000f1 )
K7AntiVirus	Trojan ( 7000000f1 )
Symantec	Trojan.Gen
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/BHO.OCL
APEX	Malicious
TrendMicro-HouseCall	TROJ_BHO.SMUM
ClamAV	Win.Trojan.BHO-131
Kaspersky	not-a-virus:HEUR:AdWare.Win32.Delf.gen
BitDefender	Gen:Variant.Adware.Graftor.1113
NANO-Antivirus	Riskware.Win32.ijb.eaqefl
Avast	Win32:BHO-ADS [Trj]
Tencent	Malware.Win32.Gencirc.1184f66b
Emsisoft	Gen:Variant.Adware.Graftor.1113 (B)
Google	Detected
F-Secure	Trojan.TR/ATRAPS.Gen2
Baidu	Win32.Trojan.BHO.bx
VIPRE	Gen:Variant.Adware.Graftor.1113
TrendMicro	TROJ_BHO.SMUM
Sophos	Mal/BHO-BF
SentinelOne	Static AI – Suspicious PE
Jiangmin	Adware/Delf.bsl
Varist	W32/BadBHO.AJ.gen!Eldorado
Avira	TR/ATRAPS.Gen2
MAX	malware (ai score=100)
Antiy-AVL	GrayWare[AdWare]/Win32.Delf
Kingsoft	Win32.Troj.Delf.gen
Microsoft	Trojan:Win32/BHO.EE
Xcitium	TrojWare.Win32.BHO.AA@387to0
Arcabit	Trojan.Adware.Graftor.D459
ZoneAlarm	not-a-virus:HEUR:AdWare.Win32.Delf.gen
GData	Gen:Variant.Adware.Graftor.1113
Cynet	Malicious (score: 100)
AhnLab-V3	Win-Trojan/Overtls54.Gen
VBA32	Adware.CashSaver
ALYac	Gen:Variant.Adware.Graftor.1113
Cylance	unsafe
Panda	Trj/BHO.DW
Rising	Trojan.BHO!1.6681 (CLASSIC)
Yandex	Trojan.GenAsa!3pCU2WQYCpY
Ikarus	Trojan.Win32.BHO
MaxSecure	Trojan.Malware.1691337.susgen
Fortinet	W32/BHO.OCL!tr
AVG	Win32:BHO-ADS [Trj]
DeepInstinct	MALICIOUS
alibabacloud	Trojan

How to remove Trojan:Win32/BHO.EE?

Trojan:Win32/BHO.EE removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X