What is gs.exe | How to Remove gs.exe

What is gs.exe?

gs.exe is a legitimate process file popularly known as Greg s Command Shell. It is associated with software GS.EXE - Greg s Command Shell developed by unknown. It is located in C:\Program Files by default.

Malware programmers write virus files with malicious scripts and save them as gs.exe with an intention to spread virus on the internet.

Affected Platforms: Windows OS

How to determine if your computer is infected with gs.exe malware?

Look out for the these symptoms to check if your PC is infected with gs.exe malware:

Unstable internet connection
gs.exe occupies extra CPU space
PC processing speed slows down
Browser often redirects to irrelevant websites
Browser is bombarded with hordes of popup ads
Computer screen freezes repeatedly

Take the following steps to diagnose your PC for possible gs.exe malware attack:

Step 1: Simultaneously press CTRL+ALT+DEL keys to open Task Manager.

Step 2: If you notice the file located outside C:\Program Files perform an antivirus scan to get rid of the malware.

How to remove gs.exe malware from system using Comodo Antivirus?

Step 1: Download our award-winning Comodo Free Antivirus.

Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.

Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.

Step 4: Restart your PC after the installation gets over

Step 5: Wait for Comodo Internet Security to update the antivirus.

Step 6: Proceed with the quick scan that automatically begins after the update.

Step 7: If threats are found during the scanning, you will be notified through an alert screen.

Step 8: Comodo Antivirus will remove gs.exe malware from your computer including all other malwares!

Malware Entries

Safe Entries

First Seen: 04 May 2012 at 4:33 pm

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	N/A	Executable	d849ddd52091fbf3 7b8d7d81ca702e24 a91420b7	22ef019f002a3517 0437b4ebfc45737e	Virus.Win32. Ramnit.A	No	N/A	N/A	Argentina	N/A
2	NULL	Executable	4050bf2c0426b6de 399c4cfcfd10f822 b738e5ec	acf76ddd91598a32 1f0c4d779bd9cf34	Unclassified Malware	No	1, 3, 0, 1307	NULL	Internal Submission	N/A
3	N/A	Executable	b10a506af7198046 be02b7dd27323208 6f86af8b	86a68290d5898fd5 8d9f52a7863b40f8	Application. Win32.HackTo ol.Binder.~A	No	N/A	N/A	Internal Submission	N/A
4	剑世山庄(www.jxsf8.com)	Executable	1bd38db6c83a7075 386e235e9d84bfd3 5b9404f2	1195312c00f96a38 fe52d23a27ac5ac9	Unclassified Malware	No	3, 0, 0, 30	1.00.00.20 08	Internal Submission	N/A
5	N/A	Executable	231338b8a5acbcde e38a7c959a562ac6 864ca3bf	4dc3cc32636c55b8 0c3b2455923dd965	Worm.Win32.D ropper.RA	No	1.0.0.0	1.0.0.0	Internal Submission	N/A
6	N/A	Executable	44b67b4ba2fff74d a95e2cdb28ef51ec 928b24b9	497a28ee6a3b93d7 2308cc9f6b670882	Worm.Win32.D ropper.RA	No	1.0.0.0	1.0.0.0	Internal Submission	N/A
7	N/A	Executable	1ead5bb9c431ca96 a5169970ff047a29 c0359335	fb4060858417ccc4 58d985c996b1b75d	Packed.Win32 .MUPX.Gen	No	N/A	N/A	Internal Submission	N/A
8	NULL	Executable	2b497a2ed0d7971c 086ebad4d152ca97 6526cf4f	fac45c09e6f8507b 5a7fe90f78d7da55	Unclassified Malware	No	3, 3, 8, 1	NULL	Internal Submission	N/A
9	N/A	Executable	d225309a6041fc7f 30799d1302bf13a4 bf5fbb38	cb58369ab70a66b5 67cf00fe0b18f352	Worm.Win32.D ropper.RA	No	1.0.0.0	1.0.0.0	10.224.1.115/32	N/A
10	N/A	Executable	d13ba528cd2ba517 ceca2cb034919c99 4b9e8013	01abd845885a789c 477cf4568863444d	Backdoor.Win 32.Curioso.~ dy02	No	N/A	N/A	10.224.1.21/32	N/A

Prev 1 2 3 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 13 February 2009 at 12:50 am

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	N/A	Executable	fd45be3885a7d28c 3bb7a57830bdeaba f2c8492e	de4af10d11dbe711 609ac898532e8753	No	N/A	N/A	Internal Submission
2	N/A	Executable	4bf1543174ee8dc1 2ff2a77332e05a83 c56a7b20	41435513c676679e 8f405cb98fc5db03	No	N/A	N/A	10.224.25.45/32
3	Expert System Solutions s.r.l.	Executable	b97d05013cc75fdb be1695b086d3b84e 6db6e7aa	6e826bda4ee26809 140eecd0d3fa5bc3	No	332.2007.0 286	332.2007.0 286	United States
4	剑世山庄(www.jxsf8.com)	Executable	5d219d18c89d5bb5 e42d0342432769f8 1a86acb5	293e832e573da4e0 991a9a32ee2dd72c	No	3, 0, 0, 30	1.00.00.20 08	10.224.1.117/32
5	N/A	Executable	f44d19afef8f7002 95fe26ce848f9af9 1a33c591	baeffc060d36d382 1f68774f9b1b5f97	No	N/A	N/A	United States
6	N/A	Executable	19fbd8f28ea5e398 72f77f9bb31553a7 d3b82de8	a499d5cb7a3a4af9 a3f10a4a83d7c95d	No	N/A	N/A	United States
7	N/A	Executable	65b35e7a5d5bfb58 9eac163a31bf8010 8a1e5853	c815b2079e5aa322 f517fcbac3036552	No	N/A	N/A	10.224.1.54/32
8	N/A	Executable	b8dc70c5b61106f1 07379f866e938545 513da521	9c7008912247bd43 4b2e166ff063c1e1	No	N/A	N/A	10.224.25.96/32
9	N/A	Executable	8fa3e383cfb1222f e74b864f32b3ca95 a95c2804	311c217942b74eac a4c0e68d071e553a	Yes	N/A	N/A	10.108.22.205/32
10	Hobl & Pech	Executable	31ef1e70d39c7ad1 f39869cfd35c1382 9cfa25dc	414ebbc4b1b01892 69989999ed3301a8	No	4.7.130.37 9	0.4.0.0	United States
11	N/A	Executable	c13900fa08fb9664 7bebd749bd9dc757 6fb5036f	9c123a5f403e3483 a8817d7b8ba51900	No	N/A	N/A	10.108.22.185/32
12	N/A	Executable	43723c9d8be766f7 24d8d10a54cc558b aa25ac5b	900b0a35a62e92f6 9bc813cac69b8d1a	No	N/A	N/A	10.224.25.45/32
13	N/A	Executable	2e524f5e4823e6ed 2927848f2aa7eb8d 5a68ef43	ec457b1edb854dbc 4f0373c5366e722d	No	N/A	N/A	104.236.253.252/32
14	N/A	Executable	aaeb514ac7a19f46 10b03be5f9005175 bba64957	6a12cbc61a1b7aa9 295d3848f0ce7526	No	N/A	N/A	United States
15	N/A	Executable	ffbdcef9264a7828 4120ea8f0c89c83a 5aa46210	901dff8000c7224c 5b9559701dc2016e	No	N/A	N/A	United States
16	N/A	Executable	43723c9d8be766f7 24d8d10a54cc558b aa25ac5b	900b0a35a62e92f6 9bc813cac69b8d1a	No	N/A	N/A	United States
17	N/A	Executable	062d332f37684477 e90be8fe8baedb72 6e803d02	6f1a4f34e92e5f81 87a586c2e03d74d0	No	N/A	N/A	Internal Submission
18	N/A	Executable	7e915490520d66c9 d7663a97420650d1 a407a2cd	4e5b1b2899c27be4 ecb9cbbc9fac02b8	No	N/A	N/A	104.238.128.144/32
19	N/A	Executable	4bf1543174ee8dc1 2ff2a77332e05a83 c56a7b20	41435513c676679e 8f405cb98fc5db03	No	N/A	N/A	United States
20	Nicolas Manel	Executable	214d79b26f43d0bb 169545b0013c2fa4 3e5b9ae9	2c711b14e9c057d5 712cad988798fde2	No	4.06.0457	4.06.0457	Hungary
21	Kucharczyk Techniki Elektroforetyczne	Executable	3fdf84c2ddbeed04 7d2a73ed579dd5c6 60c62c90	d496fe8a773b7b0a 63cd381134f64579	No	2, 0, 0, 1	2, 0, 0, 1	United States
22	N/A	Executable	e32260a0352edd3e f39cfaf540249804 de94168e	7f5eb3fc78749a22 39d7fefe1a1311c0	No	N/A	N/A	Internal Submission
23	N/A	Executable	516dce9e867e4152 4d0705f6d45efdc7 76032c39	58b34d3048ab93e5 471d871f41fcc198	No	N/A	N/A	United States
24	AA	Executable	879a7432e8b5d16d 455956c13bc0d638 82e74cc6	6a1111d19c3a71d4 f15c3757494d657a	No	1.00	1.00	Internal Submission
25	AA	Executable	4d6d100d782d1b0d a46204cb68ae5e52 f6b86a47	bb74feae1bafb25e ba5c61494126cc74	No	1.00	1.00	Internal Submission
26	N/A	Executable	f8a88458b69b3ab4 a4b60848e38c3d1a 5db2d48a	0f59e1134f7d133c 668a78568f470ce9	No	N/A	N/A	United States
27	N/A	Executable	632233c567040c66 74a17727d57849b0 31add81b	073c05ee8f066081 c0fa287a07cec2da	No	N/A	N/A	Russian Federation
28	Home	Executable	c5460435629f7316 391ceed34ac3387a 07c84ddc	91756f7d46000ec0 55a68f40071ad42e	No	1.0.0.1	1.0.0.1	Internal Submission
29	N/A	Executable	a13b9e0a06b22ad7 75e5f8fe9e0d7f7f be2b618f	8dee076497ce17d0 6d2fa6e362da5de7	No	N/A	N/A	10.224.1.60/32
30	N/A	Executable	8de3d3c38a6fc27e 461ab85a0cec77c8 38b5fea6	1d33730ce14a50f2 e6cd61fcc0d92a58	No	N/A	N/A	Internal Submission
31	Klingenburg GmbH	Executable	ff1dcdb9a4ce6210 d0c504b18f929676 269ed525	e1a068224b5c7e1b 4a296e1eea19e157	No	0.7.0.12	07/12	Poland
32	AA	Executable	2f50263758ee348b b4e7cabdd3c3d170 5a44d3fd	6d3816eed219c59c 247f8675b9be953a	No	1.00	1.00	Internal Submission
33	N/A	Executable	0695cfe3b59ee7c2 c647d90eb582aafb 7a32e0d9	c14f1892b22db65f be7b821c374b992f	No	N/A	N/A	104.236.253.252/32
34	N/A	Executable	8366da13f10badcf 587125fe0a4e5fff a8fda9c0	0eba8d23ba3ae5db c3b842fecc395653	No	N/A	N/A	Internal Submission
35	N/A	Executable	8fa3e383cfb1222f e74b864f32b3ca95 a95c2804	311c217942b74eac a4c0e68d071e553a	Yes	N/A	N/A	104.238.128.144/32
36	N/A	Executable	e8bea3617782e3e7 d5c116d7f2e1a82f 056364bb	e60b3167c009ddbd 16ced4a6eafc17ed	No	N/A	N/A	United States
37	N/A	Executable	853941f11a2d61f9 8aa861860d63101d be0a1373	09365970712a51d4 e9c1fe9b1a4fa14a	No	N/A	N/A	France
38	N/A	Executable	a02ac08b38bc7b5c e494e1c9ab6bbc65 60c026cc	bf4a9cf4f6072260 efec093a9c7e4474	No	N/A	N/A	United States
39	N/A	Executable	ce2711113043f4ab 2418db1c13bb74d2 2a8c3f0a	5cd1cb39fbe5cbc3 bf84174db4cd631d	No	N/A	N/A	United States
40	N/A	Executable	f56ea8570695ca4c f288b6cff90f6385 65be6b81	c9d51152a0354c04 d4cdfd0489ab3387	No	N/A	N/A	Internal Submission
41	AA	Executable	6ad7127c82dad537 09732ec7ace704f7 170c9089	86df5929dfc8c4c0 a875631ec0e4ceb9	No	1.00	1.00	United States
42	N/A	Executable	45371685f38a341d 63484a9060f26cff 39a1b083	bc5bf9db7e0c1573 8d2352a448deea32	No	N/A	N/A	104.238.128.144/32
43	N/A	Executable	99b1da426f5037d6 81ecc8cea0f04533 6a3a30ed	c499d1c4eaf3abb2 40f2513183d08b0a	No	N/A	N/A	United States
44	N/A	Executable	7878865bd210c2a7 16dbc384474cf3c6 d1cc29e7	5a9e1194b69b3e91 425df038d66cd277	No	N/A	N/A	Poland
45	Custom Micro Works	Executable	edaac708acc9e539 08aa2ace5a6d1a04 e154499e	00c7749faf3ace78 c14ea475f86299b4	No	1.32.0412	1.32.0412	Internal Submission

Prev 1 2 3...12 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “gs.exe”

What is gs.exe?

How to determine if your computer is infected with gs.exe malware?