Categories: Malware

Barys.450539 removal guide

The Barys.450539 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Barys.450539 virus can do?

Behavioural detection: Executable code extraction – unpacking
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Barys.450539?


File Info:
name: 60DD5FC5FBDF979D37F7.mlwpath: /opt/CAPEv2/storage/binaries/ebdd69737578bf75e0a122845c01a24d77ef0796e58d01e5f4ddc5bcec573c3ccrc32: 188ED6A3md5: 60dd5fc5fbdf979d37f7f6845a4b454esha1: 95cb465e22b173f3310c16956355ddf1317ea5dbsha256: ebdd69737578bf75e0a122845c01a24d77ef0796e58d01e5f4ddc5bcec573c3csha512: 3957d145fd59a16d958ba7c364d121441dadca5d2d8efdc0ead2e970030f66861dc4329055a27d4957d4bad9c3e862f5e501b68e6ef3c14c42b998421edc042bssdeep: 3072:u/bJNnPMlXs5zt5mcxNhXy2/Sc6ovQQn/9gdDCtyIyIyIyIX:grF5KrI4E/9gNCtyIyIyIyItype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T1CAF329361528CAFDDE7DCAF00DEC8C3C24645E684CC0653F75EEACA491A290B4B1A776sha3_384: 8000d850d6e712a4b7b34a92c53afc57850092841e6bc0a1cfd92843bd27cab0c1537142d6a41758e999ad1ccd622e19ep_bytes: 68ec264000e8eeffffff000000000000timestamp: 2011-07-25 20:42:23
Version Info:
CompanyName: Twain Working GroupFileDescription: Twain.dll Client's 32-Bit Thunking ServerFileVersion: 1,7,1,0InternalName: Twunk_32OriginalFilename: Twunk_32.exeProductName: Twain ThunkerProductVersion: 1,7,1,0Translation: 0x0409 0x04b4

Barys.450539 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.VB.a!c
DrWeb	BackDoor.IRC.Bot.959
MicroWorld-eScan	Gen:Variant.Barys.450539
ClamAV	Win.Trojan.6371243-1
FireEye	Generic.mg.60dd5fc5fbdf979d
CAT-QuickHeal	Worm.Dorkbot.A
Skyhigh	BehavesLike.Win32.Infected.ch
McAfee	Generic Backdoor.xo
Malwarebytes	Generic.Malware/Suspicious
VIPRE	Gen:Variant.Barys.450539
Sangfor	Suspicious.Win32.Save.vb
Alibaba	TrojanDownloader:Win32/Injector.39d2875c
Cybereason	malicious.e22b17
BitDefenderTheta	Gen:NN.ZevbaF.36744.km0@aGiXyJii
VirIT	Trojan.Win32.VBCrypt.DDI
Symantec	W32.IRCBot.NG!gen5
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Injector.JCH
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	Trojan-Downloader.Win32.VB.akpk
BitDefender	Gen:Variant.Barys.450539
NANO-Antivirus	Trojan.Win32.VB.dtnvn
Avast	Win32:Ruskill-DV [Trj]
Tencent	Win32.Trojan-Downloader.Vb.Cwnw
Emsisoft	Gen:Variant.Barys.450539 (B)
F-Secure	Trojan.TR/Dropper.VB.Gen
Zillya	Trojan.Injector.Win32.686283
TrendMicro	TROJ_VB.DET
Trapmine	malicious.high.ml.score
Sophos	Mal/VBCheMan-D
Ikarus	Trojan.Win32.VBKrypt
GData	Gen:Variant.Barys.450539
Jiangmin	TrojanDownloader.VB.dthl
Webroot	W32.Malware.Gen
Google	Detected
Avira	TR/Dropper.VB.Gen
MAX	malware (ai score=100)
Antiy-AVL	Trojan[Downloader]/Win32.VB
Kingsoft	malware.kb.a.1000
Xcitium	Malware@#346686f9fc3he
Arcabit	Trojan.Barys.D6DFEB
ZoneAlarm	Trojan-Downloader.Win32.VB.akpk
Microsoft	VirTool:Win32/Injector.gen!BT
VBA32	TrojanDownloader.VB
ALYac	Gen:Variant.Barys.450539
Cylance	unsafe
Panda	Generic Malware
TrendMicro-HouseCall	TROJ_VB.DET
Rising	HackTool.Injector!8.1E2 (TFE:4:3BI5rCywdpP)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.2636629.susgen
Fortinet	W32/Dorkbot.BAA!tr
AVG	Win32:Ruskill-DV [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)