NewHeur_VB_Backdoor.34 removal

NewHeur_VB_Backdoor.34 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the NewHeur_VB_Backdoor.34 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Authenticode signature is invalid

How to identify NewHeur_VB_Backdoor.34?


File Info:

name: 8F1A871BC8C0CF11AC17.mlw
path: /opt/CAPEv2/storage/binaries/4ecad452f18460a317022d49b73b46ddefe2341c281ef934506674cf22bb4c5a
crc32: 907960BF
md5: 8f1a871bc8c0cf11ac17cf7a61007ce1
sha1: 6ccf0fbd5f90561a84f595dedb7b54ab01a57278
sha256: 4ecad452f18460a317022d49b73b46ddefe2341c281ef934506674cf22bb4c5a
sha512: b25fd8dac959f9cd8c5aea3beee4f2c3c7ee3957381a33a82e7c1f1b1ec82b415243faf09db5936e1350644f32fc9dfb4c32ddcbfd586771afae1a313a87757b
ssdeep: 768:S89YnAuLYlIgQXTbFRc2Ugx2d1eRg/KR0SYtJVIYHoiq1892j1NCSx:S89LuLTPTBXRrYtJIiq189Q1NRx
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17383C723EA6C0422F24546B11E715AA9296B7C310511DE0F7B8BFE9C2D71A83B9F530F
sha3_384: 2927fe97c9db75bafbd9297b741d06212388f5fd5cb3de67a420067e5c1c71bb1cd22f22eb58feec77daf5f4a940d084
ep_bytes: 6838214000e8eeffffff000000000000
timestamp: 2011-03-05 07:35:20

Version Info:

Translation: 0x0409 0x04b0
CompanyName: Gatew@y
FileDescription: m4ck5t3r
ProductName: Miniuscule
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Miniuscule
OriginalFilename: Miniuscule.exe

NewHeur_VB_Backdoor.34 also known as:

McAfee: Artemis!8F1A871BC8C0
Cylance: Unsafe
VIPRE: Trojan.GenericKD.33892837
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: Riskware ( 0015e4f01 )
BitDefender: Trojan.GenericKD.33892837
K7GW: Riskware ( 0015e4f01 )
Cybereason: malicious.bc8c0c
Arcabit: Trojan.Generic.D20529E5
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of NewHeur_VB_Backdoor.34
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Dropper.Win32.Dapato.cfms
Alibaba: TrojanDropper:Win32/Dapato.c32021dd
NANO-Antivirus: Trojan.Win32.Dapato.cilpnm
MicroWorld-eScan: Trojan.GenericKD.33892837
Rising: Dropper.Dapato!8.2A2 (TFE:4:DtzE8vghnp)
Ad-Aware: Trojan.GenericKD.33892837
Emsisoft: Trojan.GenericKD.33892837 (B)
Comodo: Malware@#13kzo6p0hobsl
DrWeb: Trojan.DownLoader5.21506
Zillya: Dropper.Dapato.Win32.19005
McAfee-GW-Edition: BehavesLike.Win32.Trojan.mt
Trapmine: suspicious.low.ml.score
FireEye: Generic.mg.8f1a871bc8c0cf11
Sophos: Generic ML PUA (PUA)
Ikarus: Gen.Heur
Webroot: W32.Malware.Gen
Avira: TR/VB.Downloader.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.35
Kingsoft: Win32.Troj.Generic.a.(kcloud)
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Trojan.GenericKD.33892837
Google: Detected
VBA32: Malware-Cryptor.VB.gen.1
ALYac: Trojan.GenericKD.33892837
Tencent: Win32.Trojan-Dropper.Dapato.Nqil
Yandex: Trojan.DR.Dapato!f2a/3UrYeks
MaxSecure: Trojan.Malware.1355911.susgen
BitDefenderTheta: AI:Packer.04B28B141F
AVG: Win32:Trojan-gen
Avast: Win32:Trojan-gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove NewHeur_VB_Backdoor.34?

NewHeur_VB_Backdoor.34 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
