UDS:Trojan-Proxy.Win32.Hioles removal tips

UDS:Trojan-Proxy.Win32.Hioles is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the UDS:Trojan-Proxy.Win32.Hioles virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify UDS:Trojan-Proxy.Win32.Hioles?

File Info:

name: 4584635BAF1C94A1FC17.mlw
path: /opt/CAPEv2/storage/binaries/0504db21f221822fe6b18833e946bfb99e0d523b5a2fce43671ea8b3018f07ae
crc32: B9230CB8
md5: 4584635baf1c94a1fc177073a0101920
sha1: d36a5deedd1b803a58ffe904ecf41626a19b056e
sha256: 0504db21f221822fe6b18833e946bfb99e0d523b5a2fce43671ea8b3018f07ae
sha512: 453cd9f88b99692912b1ffa646a7ea6f8179706dabb02230b58c35dbe647c4dd5a0464fd4e1580e24af79fb386283dd71184c17fb076d1c3c9d61bb11f9e67a8
ssdeep: 196608:WQ1FEbLzgf+UasXXRIcx3aLSwfuJoogjUel:L/I8asXTaLSwfumogjUel
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T1D46633996BF62508F2F63B305A79B63D39763EAA9C34CE1D004440DA9C72A60DC72737
sha3_384: c6690b8357c4646e489caed5a41b5b006fddb49b02721d729581023823dd25d8b69218eadaefe64c92d8e710d46f7d9f
ep_bytes: 56be0f423226e8422f01008d642408e9
timestamp: 2024-04-18 19:20:46

Version Info:

CompanyName: Microsoft Corporation
FileDescription: AAD Token Broker Helper Library
FileVersion: 10.0.14393.321 (rs1_release_inmarket.161004-2338)
InternalName: aadtb.dll
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: aadtb.dll
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.14393.321
Translation: 0x0409 0x04b0

UDS:Trojan-Proxy.Win32.Hioles also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.Heur2.@N8@IewsdThi
FireEye: Gen:Trojan.Heur2.@N8@IewsdThi
Skyhigh: BehavesLike.Win32.Sality.vc
ALYac: Gen:Trojan.Heur2.@N8@IewsdThi
Cylance: unsafe
BitDefenderTheta: AI:Packer.A166DA731D
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.VMProtect.BC suspicious
Kaspersky: UDS:Trojan-Proxy.Win32.Hioles
BitDefender: Gen:Trojan.Heur2.@N8@IewsdThi
Emsisoft: Gen:Trojan.Heur2.@N8@IewsdThi (B)
VIPRE: Gen:Trojan.Heur2.@N8@IewsdThi
Sophos: Mal/Generic-S
Arcabit: Trojan.Heur2.ECEA2E
ZoneAlarm: UDS:Trojan-Proxy.Win32.Hioles
GData: Gen:Trojan.Heur2.@N8@IewsdThi
MAX: malware (ai score=84)
Rising: Trojan.Generic!8.C3 (TFE:6:LjhVC6y4C8I)
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Packed.VMProtect.BW

How to remove UDS:Trojan-Proxy.Win32.Hioles?

UDS:Trojan-Proxy.Win32.Hioles removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Apply “Move to quarantine” to all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
