What is “Trojan:Win32/Glupteba.PB!MTB”?

The Trojan:Win32/Glupteba.PB!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan:Win32/Glupteba.PB!MTB virus can do?

• Executable code extraction
• Creates RWX memory
• Drops a binary and executes it
• Unconventionial language used in binary resources: Spanish (Colombia)
• The binary likely contains encrypted or compressed data.
• Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
• Installs itself for autorun at Windows startup
• Creates a copy of itself
• Anomalous binary characteristics

How to determine Trojan:Win32/Glupteba.PB!MTB?

File Info:
crc32: B83D5A1C
md5: d9134a1a55392d74625d31b63f56d22c
name: D9134A1A55392D74625D31B63F56D22C.mlw
sha1: af9b0a2a2e53f7ca3722978e36fb2ef3b5d68b4f
sha256: 28ddbac06dfbd1d0e8240b60dd28693b2e8ce8ddd1f0cac4bcf9f3d51f2a0ac7
sha512: 8cf22cd27e08d247a4be40bdb880ed9884ab1042a7d8a40fe11a1d21c8fdda41be06a2529626aaa1d70ddd01e47a4d22c8d11f23b21fae19ba4e529dfc2abb6d
ssdeep: 3072:bJjjv5Tk3eRE+2aZLYTQh2Sm3AB+weA/cFg4twOsscryiZpYIr8y5C23X9:FP6eRYaZEe2Sm3o3/39scuim23X9
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Trojan:Win32/Glupteba.PB!MTB also known as:

How to remove Trojan:Win32/Glupteba.PB!MTB?

• Download and install GridinSoft Anti-Malware.
• Open GridinSoft Anti-Malware and perform a “Standard scan“.
• “Move to quarantine” all items.
• Open “Tools” tab – Press “Reset Browser Settings“.
• Select proper browser and options – Click “Reset”.
• Restart your computer.