
JS/Vjworm.F removal


JS/Vjworm.F is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the JS/Vjworm.F virus do?

  • Attempts to connect to a dead IP:Port (1 unique time)
  • Detected script timer window indicative of sleep style evasion
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • A process created a hidden window
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • A wscript.exe process commonly used in script or document file downloaders initiated network activity
  • Attempts to modify proxy settings
  • Attempts to interact with an Alternate Data Stream (ADS)
  • Collects information to fingerprint the system

Related domains:

utcsvc.linkpc.net

How to identify JS/Vjworm.F?


File Info:

crc32: A4CE70FD
md5: a3d61c51677550bcab428e66d5ae3080
name: A3D61C51677550BCAB428E66D5AE3080.mlw
sha1: 7ccd97e4c9afcd1006aaeb617f1d197d8913e34c
sha256: ec2ff3ea783304168e8acdf7e60a3c4d97efa75bf922c10ee1b947d1b87a7cc2
sha512: da991a168162ec3d0f551413bb9d7f21f3f20f9f171d8a81684f2cdde80883e9a06aaf789d3e8c48ee148b280d4cf757344d057187fb3839e031d94255b3e6cc
ssdeep: 49152:zbA3QEThXw57teXjNdbxkFPL01tYHYAsG3CfR3zF93DZvL1:zbqNw5peXp1x4jAH43+R3zz3FvL1
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © 2000-2021 Disc Soft Ltd.
Assembly Version: 6.0.0.1623
InternalName: DTUltra.exe
FileVersion: 6.0.0.1623
CompanyName: Disc Soft Ltd
LegalTrademarks:
Comments:
ProductName: DAEMON Tools Ultra
ProductVersion: 6.0.0.1623
FileDescription: DAEMON Tools Ultra
OriginalFilename: DTUltra.exe
Translation: 0x0000 0x04b0

JS/Vjworm.F also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
ClamAV: Win.Malware.Qshell-9875653-0
ALYac: Trojan.GenericKD.37321594
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_60% (W)
Alibaba: Ransom:Win32/Blocker.1e56eae2
ESET-NOD32: JS/Vjworm.F
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Ransom.Win32.Blocker.nbir
BitDefender: Trojan.GenericKD.37321594
MicroWorld-eScan: Trojan.GenericKD.37321594
Ad-Aware: Trojan.GenericKD.37321594
Sophos: Generic ML PUA (PUA)
McAfee-GW-Edition: BehavesLike.Win32.Generic.vc
FireEye: Generic.mg.a3d61c51677550bc
Emsisoft: Trojan.GenericKD.37321594 (B)
Avira: TR/Blocker.hdfcn
eGambit: Unsafe.AI_Score_99%
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Trojan:Win32/Glupteba!ml
Arcabit: Trojan.Generic.D2397B7A
GData: Trojan.GenericKD.37321594
AhnLab-V3: Trojan/Win.Generic.C4575001
McAfee: Artemis!A3D61C516775
MAX: malware (ai score=85)
Panda: Trj/CI.A
Ikarus: Worm.JS.AutoRun
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove JS/Vjworm.F?

JS/Vjworm.F removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
