Win32.Gbot.lwp

Win32.Gbot.lwp Description

Win32.Gbot.lwp is a terrible backdoor Trojan infection which is downloaded and installed manually through social networks in the background. Win32.Gbot.lwp circulates and copies itself rapidly without you authorization. Once Win32.Gbot.lwp is installed, it comes bundled with a lot of other malware components constantly. Win32.Gbot.lwp also downloads and executes infected files by connecting to an external server stealthily. Once active, Win32.Gbot.lwp steals and sends out private details to remote attackers. Win32.Gbot.lwp is able to change certain important system files for illegitimate intentions. You should remove Win32.Gbot.lwp to safeguard your computer.

Technical Information

Registry Details

Win32.Gbot.lwp creates the following registry entry or registry entries:
RegistryKey
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Options
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Text
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Settings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\RTF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpa
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Word6
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ XTray.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\IP
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Write

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.


HTML is not allowed.

By ESGI Advisor in Backdoors