How to remove “Cerbu.121648”?

Cerbu.121648 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you scan and cure your PC during the trial period.
6-day free trial available.

What can the Cerbu.121648 virus do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

How to identify Cerbu.121648?


File Info:

crc32: CFAC9F1F
md5: 2625ef24c8f3778c313a6953b49ca33e
name: 2625EF24C8F3778C313A6953B49CA33E.mlw
sha1: 1228387a61c01ce61f85afdab3934e3eb7d9547d
sha256: 3d2594b67a830b346bc2cf77d962f5b8789dc7391f2b69acda6ab07ceba7a69a
sha512: 9c725f591c82844cc8a8c93f48b1d7a9acd60416c66274e726966d3a950be7c9669f52bccb0b5b758887fa9f905a861246fa4c429c6fa36034e8889c55b25b89
ssdeep: 6144:r9HxyqFPLemh3Agp2KACgVqeQOVz5lxy4:ZxyqFPLe+37AeeTz5lxy4
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: (c) TIORAY LIMITED 2017
Assembly Version: 1.0.7.5
InternalName: IBClientNet.exe
FileVersion: 1.0.7.5
CompanyName: COMP TIORAY LIMITED
LegalTrademarks:
Comments: IdlenessBuddy
ProductName: IdlenessBuddy
ProductVersion: 1.0.7.5
FileDescription: IBClient
OriginalFilename: IBClientNet.exe

Cerbu.121648 is also known as:

K7AntiVirus: Trojan ( 700000121 )
Lionic: Riskware.MSIL.BuddyMiner.1!c
ALYac: Gen:Variant.Cerbu.121648
K7GW: Trojan ( 700000121 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Adware.Agent.BI
Avast: FileRepMalware
Kaspersky: not-a-virus:HEUR:RiskTool.MSIL.BuddyMiner.gen
BitDefender: Gen:Variant.Cerbu.121648
MicroWorld-eScan: Gen:Variant.Cerbu.121648
Tencent: Msil.Risk.Buddyminer.Hoyf
Ad-Aware: Gen:Variant.Cerbu.121648
Sophos: Generic PUA BC (PUA)
McAfee-GW-Edition: GenericRXOV-XT!2625EF24C8F3
FireEye: Gen:Variant.Cerbu.121648
Emsisoft: Gen:Variant.Cerbu.121648 (B)
Antiy-AVL: Trojan/Generic.ASMalwS.33B11C1
Arcabit: Trojan.Cerbu.D1DB30
GData: Gen:Variant.Cerbu.121648
McAfee: GenericRXOV-XT!2625EF24C8F3
MAX: malware (ai score=87)
VBA32: Trojan.MSIL.gen.m
TrendMicro-HouseCall: TROJ_GEN.R002H06KK21
Fortinet: Riskware/GenCBL
AVG: FileRepMalware
Paloalto: generic.ml

How to remove Cerbu.121648?

Cerbu.121648 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
