Win32/Injector.BGXC removal tips

The Win32/Injector.BGXC is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Injector.BGXC virus can do?

Sample contains Overlay data
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Win32/Injector.BGXC?


File Info:
name: E6B34E975BA344BB900F.mlw
path: /opt/CAPEv2/storage/binaries/b5ae27db435d08b964a3c8111e12f0cface50ee7b16fde7c91bd54b12b378838
crc32: 0BB83490
md5: e6b34e975ba344bb900f11ad0ddaadb1
sha1: c1e4c284057a92bc4b47e97934c8cce6033c20e2
sha256: b5ae27db435d08b964a3c8111e12f0cface50ee7b16fde7c91bd54b12b378838
sha512: cf097c6596070ecfa9e6baf5798354a17c4a83fac03a130b296c12e66653a47bcc1353911da57dba8e14556eb8887a0df999a2ce265f2300b29533f637173580
ssdeep: 1536:5e2pciNi+yTscB/+7xawIc7X5BJzvZjiaDqf9+PilsYKpW:vLWscB/aAwVJnzNiaG1fU0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F615F55197407958C8BB03B48DEEAAE67B351D24C726D8A6F34229DF87D127183D1F83
sha3_384: ff49d68b30e846bf945cf21934fa968f9c03eef5cf54839c092e503cb4486b66930731c11d3afa827507f1926706544e
ep_bytes: 68789d4400e8f0ffffff000050000000
timestamp: 2014-06-15 16:17:49

Version Info:
Translation: 0x0409 0x04b0
Comments: Þ2QIBwì±8EnòaèœœsÁmz
CompanyName: žKj7rt£žnœBìH™svÚõjœ
FileDescription: ™kyVdžHzƒzyoœò1ÞDQDz
LegalCopyright: £võœœæO±žÚzs1œ3BBOœB
LegalTrademarks: zœ«zOõ3qsœwõZžœÞõMžh
ProductName: 4xkœÚ±uœ0sòÚFHkœBèHÞ
FileVersion: 7.01.0022
ProductVersion: 7.01.0022
InternalName: limpo
OriginalFilename: limpo.exe

Win32/Injector.BGXC also known as:

Bkav	W32.AIDetect.malware1
DrWeb	Trojan.KillFiles.16371
MicroWorld-eScan	Gen:Variant.Barys.319924
FireEye	Generic.mg.e6b34e975ba344bb
CAT-QuickHeal	Trojan.VBCrypt.MF.82
ALYac	Gen:Variant.Barys.319924
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.vb
CrowdStrike	win/malicious_confidence_100% (W)
K7GW	Trojan ( 0049d96f1 )
K7AntiVirus	Trojan ( 0049d96f1 )
Arcabit	Trojan.Barys.D4E1B4
BitDefenderTheta	Gen:NN.ZevbaF.34698.6m3@aWkt8Qpi
VirIT	Trojan.Win32.Inject2.AVPP
Cyren	W32/VBKrypt.ALQ.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Injector.BGXC
APEX	Malicious
ClamAV	Win.Dropper.DarkKomet-9204913-0
Kaspersky	Trojan.Win32.Agent.nesavs
BitDefender	Gen:Variant.Barys.319924
NANO-Antivirus	Trojan.Win32.KillFiles.fmiltx
Avast	Win32:TrojanX-gen [Trj]
Rising	Worm.Rebhip!8.B31 (TFE:3:0hsExmn7lzQ)
Ad-Aware	Gen:Variant.Barys.319924
Emsisoft	Gen:Variant.Barys.319924 (B)
Comodo	TrojWare.Win32.VB.DRPF@5hzrzj
VIPRE	Gen:Variant.Barys.319924
TrendMicro	TROJ_GEN.R014C0PJ622
McAfee-GW-Edition	GenericRXAE-LP!E6B34E975BA3
Trapmine	malicious.moderate.ml.score
Sophos	ML/PE-A
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan/Agent.hzsy
Google	Detected
Avira	TR/Symmi.olaks
MAX	malware (ai score=83)
Antiy-AVL	Trojan/Generic.ASMalwS.51F4
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Gen:Variant.Barys.319924
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Symmi.R139961
Acronis	suspicious
McAfee	GenericRXAE-LP!E6B34E975BA3
TACHYON	Trojan/W32.VB-Agent.954422
VBA32	Trojan.Agent
Malwarebytes	Trojan.Injector
TrendMicro-HouseCall	TROJ_GEN.R014C0PJ622
Tencent	Trojan.Win32.Agent.hx
Yandex	Trojan.GenAsa!03KA44XY5WM
Ikarus	Trojan.Win32.Injector
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Injector.BLMO!tr
AVG	Win32:TrojanX-gen [Trj]
Cybereason	malicious.75ba34
Panda	Trj/GdSda.A

How to remove Win32/Injector.BGXC?

Win32/Injector.BGXC removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X