Virus:Win32/Swog information

Virus:Win32/Swog is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Virus:Win32/Swog virus do?

  • Uses Windows utilities for basic functionality
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Touches a file containing cookies, possibly for information gathering
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Virus:Win32/Swog?

File Info:

name: 23596C46BE83B3C2F16B.mlw
path: /opt/CAPEv2/storage/binaries/79df4b33a3164425155256bbcb7f986532b17ac28b011df53da199f5f8e5e3d1
crc32: D449E01D
md5: 23596c46be83b3c2f16b21287f53b905
sha1: 43f05e92843348389940ff3c08795e8e2e59d76a
sha256: 79df4b33a3164425155256bbcb7f986532b17ac28b011df53da199f5f8e5e3d1
sha512: da48d2bf12085206da727131bddbd6ee680ca00231c60e4ce7a58a8e9f8144a211e7d683e493cee4c22f3b6b7db28d7d0c14e7f9f97c77e738cdc35d40b7ff05
ssdeep: 3072:BN0GPaXTWQmnfizgd3AWO0/5OXb6e4jRoRicExK6zzama+9eQrso:ErC8P4Ef2zzRaee
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EC049E013BED87A7F225A4B0E8D9FE2D6E50B9F9462F9D63BBA084353C799D46434301
sha3_384: 63360ec39c01283d6c5d5247d63c89c3145f280aadc826c55e2a759dfb94bfcaaa8d0c6066917a7a11e8861be188172c
ep_bytes: 558bec6aff68b0414100683cf7400064
timestamp: 2011-11-08 10:53:30

Version Info:

Comments:
CompanyName:
FileDescription:
FileVersion:
InternalName:
LegalCopyright:
LegalTrademarks:
OriginalFilename:
PrivateBuild:
ProductName:
ProductVersion:
SpecialBuild:
Translation: 0x0804 0x04b0

Virus:Win32/Swog also known as:

  • Bkav: W32.AIDetectMalware
  • Elastic: malicious (high confidence)
  • DrWeb: Trojan.DownLoader5.12222
  • MicroWorld-eScan: Gen:Variant.Doina.10041
  • ClamAV: Win.Trojan.Genome-466
  • McAfee: Generic BackDoor.ze
  • Malwarebytes: Generic.Malware.AI.DDS
  • Zillya: Trojan.Packed.Win32.12863
  • Sangfor: Suspicious.Win32.Save.ins
  • K7AntiVirus: Trojan-Downloader ( 004e7be51 )
  • K7GW: Trojan-Downloader ( 004e7be51 )
  • Cybereason: malicious.284334
  • BitDefenderTheta: Gen:NN.ZexaF.36722.ku0@aal4PSfb
  • VirIT: Trojan.Win32.Agent2.BLKJ
  • Cyren: W32/Genome.ZZSD-7055
  • Symantec: ML.Attribute.HighConfidence
  • tehtris: Generic.Malware
  • ESET-NOD32: Win32/TrojanDownloader.Agent.RHE
  • APEX: Malicious
  • Cynet: Malicious (score: 100)
  • Kaspersky: HEUR:Trojan.Win32.Generic
  • BitDefender: Gen:Variant.Doina.10041
  • NANO-Antivirus: Trojan.Win32.Agent.wmnzw
  • Avast: Win32:DropperX-gen [Drp]
  • Tencent: Malware.Win32.Gencirc.10b1d371
  • Emsisoft: Gen:Variant.Doina.10041 (B)
  • F-Secure: Trojan.TR/Agent.175589685
  • VIPRE: Gen:Variant.Doina.10041
  • TrendMicro: TROJ_AGENT_022378.TOMB
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.ch
  • Trapmine: malicious.high.ml.score
  • FireEye: Generic.mg.23596c46be83b3c2
  • Sophos: Mal/Inject-DN
  • SentinelOne: Static AI – Malicious PE
  • GData: Gen:Variant.Doina.10041
  • Jiangmin: Trojan/Generic.plaa
  • Webroot: W32.Malware.Gen
  • Avira: TR/Agent.175589685
  • MAX: malware (ai score=86)
  • Antiy-AVL: Trojan[Dropper]/Win32.Agent
  • Xcitium: TrojWare.Win32.TrojanDownloader.Agent.RHEE@4ppp3q
  • Arcabit: Trojan.Doina.D2739
  • ViRobot: Trojan.Win32.Agent.176128.AW
  • ZoneAlarm: HEUR:Trojan.Win32.Generic
  • Microsoft: Virus:Win32/Swog.gen
  • Google: Detected
  • AhnLab-V3: Trojan/Win32.Agent.R26932
  • VBA32: BScope.Trojan.Downloader
  • ALYac: Gen:Variant.Doina.10041
  • TACHYON: Trojan/W32.Agent.176128.ANZ
  • Cylance: unsafe
  • Panda: Trj/Genetic.gen
  • TrendMicro-HouseCall: TROJ_AGENT_022378.TOMB
  • Rising: Trojan.Generic@AI.97 (RDML:SVRdGtl0KADaWuBcwRpsjQ)
  • Ikarus: Trojan.Win32.Genome
  • Fortinet: W32/Inject.DN!tr
  • AVG: Win32:DropperX-gen [Drp]
  • DeepInstinct: MALICIOUS
  • CrowdStrike: win/malicious_confidence_100% (D)

How to remove Virus:Win32/Swog?

Virus:Win32/Swog removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.