Virus:Win32/Gael.C malicious file

The Virus:Win32/Gael.C is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Virus:Win32/Gael.C virus can do?

Authenticode signature is invalid
CAPE detected the shellcode get eip malware family
Anomalous binary characteristics
Yara detections observed in process dumps, payloads or dropped files

How to determine Virus:Win32/Gael.C?


File Info:
name: E27D238B1ED5650E3658.mlw
path: /opt/CAPEv2/storage/binaries/1a5b45e013139f1dbfb0b47799f3f19e44b12cb283370377828595ec1a7210ab
crc32: 0CD0BCB4
md5: e27d238b1ed5650e3658167f9976872f
sha1: 4abe59e689f0265b4bc57c81a9bc24debb16d85f
sha256: 1a5b45e013139f1dbfb0b47799f3f19e44b12cb283370377828595ec1a7210ab
sha512: eacbb7a0931ce201a373090c02d6ee1f5e39c80390a2ab9cd07431e7495de7bc25f84d727eb9c4a106cfe113fb124901ae55b71eb7de92d5334475d37d0beba3
ssdeep: 24576:ZhWkyxkXF8lmoMjsdUp/Tg7E0y6uHIH/NHXcB4evUH0jJhH7ST5aKABelLKmBC5r:ZUkyxk8moMQqIH/NHXcB4evG0jJhHGTc
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T11C454932E2E0C227F0D321F982B55174B9B09C614F3701D7D6E06E2F697BAD1A171B6A
sha3_384: 53382c9167c1c08ac3c592a6867efcc1b4ebb26ee7d34b1dfccdd6853b34fad5f08c60e6b11a54e4589c090080c6f067
ep_bytes: e833bd0000e995feffff8bff558bec83
timestamp: 2013-01-18 12:59:50

Version Info:
CompanyName: NVIDIA Corporation
FileDescription: NVIDIA Settings Update Manager
FileVersion: 1.11.3.0
InternalName: nvDaemon
LegalCopyright: (C) NVIDIA Corporation. All rights reserved.
OriginalFilename: daemonu.exe
ProductName: NVIDIA Update Components
ProductVersion: 1.11.3.0
Translation: 0x0009 0x04b0

Virus:Win32/Gael.C also known as:

Bkav	W32.AIDetectMalware
MicroWorld-eScan	Win32.Gael.3666
FireEye	Generic.mg.e27d238b1ed5650e
CAT-QuickHeal	W32.Tenga.A
Skyhigh	BehavesLike.Win32.Expiro.th
ALYac	Win32.Gael.3666
Cylance	unsafe
Symantec	W32.Licum
Cynet	Malicious (score: 99)
Kaspersky	HEUR:Virus.Win32.Gael.gen
BitDefender	Win32.Gael.3666
Avast	Win32:Patched-XF [Trj]
Emsisoft	Win32.Gael.3666 (B)
F-Secure	Malware.W32/Stanit
VIPRE	Win32.Gael.3666
Sophos	Mal/Generic-S
Ikarus	Virus.Win32.Tenga
GData	Win32.Gael.3666
Google	Detected
Avira	W32/Stanit
Xcitium	Malware@#3i9fv0ee1gmft
Arcabit	Win32.Gael.3666
ZoneAlarm	HEUR:Virus.Win32.Gael.gen
Microsoft	Virus:Win32/Gael.C
Varist	W32/Tenga.1!Generic
McAfee	Artemis!E27D238B1ED5
MAX	malware (ai score=81)
Malwarebytes	Floxif.Virus.FileInfector.DDS
Panda	Trj/CI.A
Rising	Virus.Tenga!1.9BD8 (CLASSIC)
Yandex	Win32.Tenga.A
SentinelOne	Static AI – Suspicious PE
MaxSecure	Virus.W32.Miam.1727
Fortinet	W32/Gael.A!tr
AVG	Win32:Patched-XF [Trj]
Cybereason	malicious.b1ed56
DeepInstinct	MALICIOUS
alibabacloud	Virus:Win/Brontok.CS

How to remove Virus:Win32/Gael.C?

Virus:Win32/Gael.C removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X