What is “Win32/Goblin.D.Gen”?

The Win32/Goblin.D.Gen is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Goblin.D.Gen virus can do?

Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Win32/Goblin.D.Gen?


File Info:
crc32: C21FD355
md5: b3bf8d6a4be161b698663ff271823f7a
name: B3BF8D6A4BE161B698663FF271823F7A.mlw
sha1: ed0f1ca1b7aa80f423e6e86a29ea726c73b4765f
sha256: d74bc1ae6ae4f8184d1d72fd97f250b0e0c1ca4bb66a74781eeef914fdba5993
sha512: b661e23217b773cf5492f1efdc4a8d7753e842e616a7a580a53324f3f0f2bd2598407aa8cb3ffa330d3157382a5bb40c335c2034584667172df0baaaafe32a2e
ssdeep: 3072:Se9Dvi5JV2x3l0XGfqN+qvFun8F3UVjGQQE7GLq+qx20NJX2/GAXh:vY2x3l0WTTNJ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright (C) 1990-2000  InstallShield Software Corp
InternalName: Setup Launcher
FileVersion: 6, 22, 100, 1441
CompanyName: InstallShield Software Corporation
ProductName: InstallShield (R)
ProductVersion: 6, 22
FileDescription: InstallShield (R) Setup Launcher
OriginalFilename: Setup.exe
Translation: 0x0409 0x04b0

Win32/Goblin.D.Gen also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 004493d41 )
Elastic	malicious (high confidence)
ALYac	Win32.XPaj.D.1.Dam
CrowdStrike	win/malicious_confidence_70% (D)
Alibaba	Virus:Win32/Goblin.6e303c0a
K7GW	Trojan ( 004493d41 )
Cybereason	malicious.a4be16
Baidu	Win32.Virus.Xpaj.a
ESET-NOD32	Win32/Goblin.D.Gen
APEX	Malicious
Avast	Win32:WrongInf-A [Susp]
Cynet	Malicious (score: 99)
BitDefender	Win32.XPaj.D.1.Dam
MicroWorld-eScan	Win32.XPaj.D.1.Dam
Tencent	Win32.Virus.Goblin.Pftf
Ad-Aware	Win32.XPaj.D.1.Dam
Sophos	Mal/Generic-S
Comodo	Malware@#ogf8m57hzozn
BitDefenderTheta	AI:FileInfector.08EB496B12
McAfee-GW-Edition	BehavesLike.Win32.Ransomware.fz
FireEye	Generic.mg.b3bf8d6a4be161b6
Emsisoft	Win32.XPaj.D.1.Dam (B)
SentinelOne	Static AI – Suspicious PE
Avira	W32/Xpaj.C
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Win32.XPaj.D.1.Dam
AhnLab-V3	Malware/Win32.Generic.C2761925
McAfee	Artemis!B3BF8D6A4BE1
MAX	malware (ai score=99)
Panda	Trj/CI.A
Ikarus	Virus.Win32.Goblin
MaxSecure	Trojan.Malware.300983.susgen
AVG	Win32:WrongInf-A [Susp]
Paloalto	generic.ml

How to remove Win32/Goblin.D.Gen?

Win32/Goblin.D.Gen removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X