Worm

Should I remove “Worm:Win32/Copali.B”?

Malware Removal

The Worm:Win32/Copali.B is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What Worm:Win32/Copali.B virus can do?

  • Executable code extraction
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to determine Worm:Win32/Copali.B?


File Info:

crc32: 88CB676D
md5: ad62218affe084777e9819c278e5938d
name: AD62218AFFE084777E9819C278E5938D.mlw
sha1: b81d46cadd14e7cda909c6fed83c92613526b972
sha256: ac1f02306c22eb12e89af3d350ab2338a6b4a8c21d872a847a3d0ce28667eead
sha512: 7e8b7439a9b167f8a1bcbd6b6f6088425c00040c25063cc3d3e6f6f75cb0ecff9ab46d60d499d31c52aadea0638ae054061f2161032d3a9b039387c59fb7f086
ssdeep: 3072:DVMKsWKxlGxE07ABigCFHdLYyBvzyBHNGqXgvnHZyzi0zslLFU/FzKsR:B3sWKxQ52CFHdLYKvzyZNGX/IupI2s
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
ProductVersion: 1.00
InternalName: DOCUMENT
FileVersion: 1.00
OriginalFilename: DOCUMENT.exe
ProductName: Project1

Worm:Win32/Copali.B also known as:

TotalDefenseWin32/Tnega.AVIN
MicroWorld-eScanBackdoor.VB.Agent.ABT
nProtectBackdoor.VB.Agent.ABT
CAT-QuickHealWorm.Copali.OD3
ALYacBackdoor.VB.Agent.ABT
ZillyaTrojan.Swisyn.Win32.32299
K7AntiVirusP2PWorm ( 004bad931 )
K7GWP2PWorm ( 004bad931 )
TheHackerTrojan/VB.ole
BaiduWin32.Worm.VB.bf
CyrenW32/Trojan.GUJZ-8058
SymantecTrojan.Gen
ESET-NOD32Win32/VB.OLE
TrendMicro-HouseCallWORM_COPALI_EJ200083.UVPM
AvastWin32:Agent-AXUS [Trj]
ClamAVWin.Trojan.Agent-1147760
KasperskyTrojan.Win32.Swisyn.dfkc
BitDefenderBackdoor.VB.Agent.ABT
NANO-AntivirusTrojan.Win32.Siggen6.deyzgg
ViRobotTrojan.Win32.Z.Swisyn.258048.B[h]
SUPERAntiSpywareTrojan.Agent/Gen-Beaugrit
Ad-AwareBackdoor.VB.Agent.ABT
SophosTroj/VB-HTM
ComodoTrojWare.Win32.Swisyn.DFX
F-SecureBackdoor.VB.Agent.ABT
DrWebTrojan.Siggen6.19362
VIPRETrojan.Win32.Generic!BT
McAfee-GW-EditionBehavesLike.Win32.VBObfus.dt
EmsisoftBackdoor.VB.Agent.ABT (B)
F-ProtW32/Trojan2.OLDD
JiangminTrojan/Swisyn.wsw
AviraTR/Beebone.rhwnabs
Antiy-AVLTrojan/Win32.Swisyn
MicrosoftWorm:Win32/Copali.B
ArcabitBackdoor.VB.Agent.ABT
AegisLabTroj.W32.Swisyn.dfkc!c
GDataBackdoor.VB.Agent.ABT
AhnLab-V3Trojan/Win32.Zbot
McAfeeGenericATG-FVA!AD62218AFFE0
AVwareTrojan.Win32.Generic!BT
VBA32Trojan.Swisyn
PandaGeneric Malware
ZonerI-Worm.VB.OLE
TencentWin32.Trojan.Swisyn.Lori
YandexTrojan.Swisyn!pJglm6aTiAU
IkarusTrojan.Win32.Swisyn
FortinetW32/VB.OIT!worm
AVGVB2.ADGJ
Baidu-InternationalTrojan.Win32.Swisyn.aIA
Qihoo-360Win32/Trojan.BO.1c7

How to remove Worm:Win32/Copali.B?

Worm:Win32/Copali.B removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment