Trojan:Win32/Gaobot removal guide

Trojan:Win32/Gaobot is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Gaobot virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan:Win32/Gaobot?


File Info:

name: C99B8C53AEDEFD3929E1.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2004-04-10 05:02:33

Version Info:

0: [No Data]

Trojan:Win32/Gaobot is also known as:

| Vendor | Detection name |
|---|---|
| Bkav | W32.AIDetect.malware1 |
| Lionic | Trojan.Win32.Generic.lhbk |
| Elastic | malicious (high confidence) |
| MicroWorld-eScan | DeepScan:Generic.Sdbot.382E4542 |
| FireEye | Generic.mg.c99b8c53aedefd39 |
| ALYac | Backdoor.Agobot.gen |
| Cylance | Unsafe |
| VIPRE | DeepScan:Generic.Sdbot.382E4542 |
| Sangfor | Trojan.Win32.Agobot.ML |
| K7AntiVirus | Backdoor ( 0057b41a1 ) |
| BitDefender | DeepScan:Generic.Sdbot.382E4542 |
| K7GW | Backdoor ( 0057b41a1 ) |
| Cybereason | malicious.3aedef |
| VirIT | Backdoor.Win32.Agobot.FG |
| Cyren | W32/Risk.ZEEC-7263 |
| Symantec | W32.HLLW.Gaobot.gen |
| tehtris | Generic.Malware |
| ESET-NOD32 | Win32/Agobot.ML |
| APEX | Malicious |
| Paloalto | generic.ml |
| ClamAV | Win.Trojan.Trojan-358 |
| Kaspersky | Backdoor.Win32.Agobot.lo |
| Alibaba | Backdoor:Win32/Agobot.d2bda3c7 |
| NANO-Antivirus | Trojan.Win32.Agobot.fuiu |
| ViRobot | Worm.Win32.Agobot.200192.I |
| Rising | Trojan.Gaobot!8.2AE8 (CLOUD) |
| Ad-Aware | DeepScan:Generic.Sdbot.382E4542 |
| Emsisoft | DeepScan:Generic.Sdbot.382E4542 (B) |
| Comodo | Backdoor.Win32.Agobot.ML@1mnx |
| DrWeb | Win32.HLLW.Agobot.776 |
| Zillya | Backdoor.Agobot.Win32.1192 |
| TrendMicro | WORM_AGOBOT.ZM |
| McAfee-GW-Edition | BehavesLike.Win32.Sality.cc |
| Trapmine | malicious.high.ml.score |
| Sophos | ML/PE-A + W32/Agobot-ZY |
| Ikarus | Backdoor.Win32.Agobot |
| Jiangmin | Backdoor/Agobot.ml |
| Webroot | W32.Trojan.Agobot |
| Avira | WORM/AgoBot.ML |
| MAX | malware (ai score=100) |
| Kingsoft | Win32.Hack.Agobot.lo.(kcloud) |
| Microsoft | Trojan:Win32/Gaobot.gen |
| GData | DeepScan:Generic.Sdbot.382E4542 |
| Cynet | Malicious (score: 100) |
| AhnLab-V3 | Worm/Win32.IRCBot.R32389 |
| McAfee | W32/Gaobot.m.gen.k |
| TACHYON | Trojan/W32.Agent.200192.DM |
| VBA32 | Trojan.Wacatac |
| Malwarebytes | Malware.AI.4193990618 |
| Panda | Trj/Genetic.gen |
| Zoner | Probably Heur.ExeHeaderL |
| TrendMicro-HouseCall | WORM_AGOBOT.ZM |
| Tencent | Win32.Backdoor.Agobot.Tafb |
| Yandex | Backdoor.Agobot.OH |
| SentinelOne | Static AI – Malicious PE |
| MaxSecure | Trojan.Malware.39320.susgen |
| Fortinet | W32/Agobot.RY!worm |
| BitDefenderTheta | AI:Packer.83AB138A1F |
| AVG | Win32:GaoBot-BXR [Wrm] |
| Avast | Win32:GaoBot-BXR [Wrm] |
| CrowdStrike | win/malicious_confidence_100% (W) |

How to remove Trojan:Win32/Gaobot?

Trojan:Win32/Gaobot removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.