Troj/VB-FYR removal guide

Troj/VB-FYR is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Troj/VB-FYR virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Attempts to disable Windows Auto Updates
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify Troj/VB-FYR?


File Info:

name: 47CA4C6A0B8EB2C69591.mlw
path: /opt/CAPEv2/storage/binaries/26e17da039f44aed54c084af812c563d89f63e916ebd1362ecd946bd6f7d9ea8
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-06-13 09:56:23

Version Info:

Translation: 0x0409 0x04b0
Comments: Psychokinetic
CompanyName: riavevano
FileDescription: preponderation Haemodilution picaroon
LegalCopyright: Villose undercry
LegalTrademarks: oversteadfastness heftily
ProductName: Unridden
FileVersion: 3.01
ProductVersion: 3.01
InternalName: aqghsidtrhrekw
OriginalFilename: aqghsidtrhrekw.exe

Troj/VB-FYR also known as:

Bkav: W32.AIDetectMalware
Lionic: Worm.Win32.WBNA.ljnn
AVG: Win32:Meredrop-BX [Trj]
DrWeb: Trojan.VbCrypt.81
MicroWorld-eScan: Gen:Variant.VBInject.11
FireEye: Generic.mg.47ca4c6a0b8eb2c6
CAT-QuickHeal: Trojan.Beebone.D
Skyhigh: BehavesLike.Win32.VBObfus.dh
McAfee: VBObfus.el
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Trojan.Diple.Win32.57393
Sangfor: Suspicious.Win32.Save.vb
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Worm:Win32/Vobfus.8121ccc0
K7GW: EmailWorm ( 0054d10f1 )
K7AntiVirus: EmailWorm ( 0054d10f1 )
BitDefenderTheta: Gen:NN.ZevbaF.36802.sm0@a0Kjj7bi
VirIT: Trojan.Win32.Diple.FJTF
Symantec: W32.Changeup!gen18
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Pronny.BA
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Trojan.Vobfus-70359
Kaspersky: Worm.Win32.Vobfus.cmuz
BitDefender: Gen:Variant.VBInject.11
NANO-Antivirus: Trojan.Win32.WBNA.covkrf
Avast: Win32:Meredrop-BX [Trj]
Rising: Worm.VobfusEx!1.99DB (CLASSIC)
Emsisoft: Gen:Variant.VBInject.11 (B)
F-Secure: Trojan.TR/Dropper.Gen
Baidu: Win32.Worm.Pronny.d
VIPRE: Gen:Variant.VBInject.11
TrendMicro: WORM_VOBFUS.SM01
Trapmine: suspicious.low.ml.score
Sophos: Troj/VB-FYR
SentinelOne: Static AI – Malicious PE
Varist: W32/Vobfus.BE.gen!Eldorado
Avira: TR/Dropper.Gen
MAX: malware (ai score=100)
Antiy-AVL: Worm/Win32.WBNA.gen
Kingsoft: Win32.HeurC.KVM007.a
Xcitium: Worm.Win32.Pronny.AK@4ogvoo
Arcabit: Trojan.VBInject.11
ViRobot: Trojan.Win32.A.Diple.294912.AAJ
ZoneAlarm: Worm.Win32.Vobfus.cmuz
GData: Gen:Variant.VBInject.11
Google: Detected
AhnLab-V3: Worm/Win32.WBNA.R27996
Acronis: suspicious
VBA32: Malware-Cryptor.VB.gen
ALYac: Gen:Variant.VBInject.11
TACHYON: Worm/W32.Vobfus.294912.I
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: WORM_VOBFUS.SM01
Tencent: Worm.Win32.Vobfus.n
Yandex: Trojan.GenAsa!oVUs6KlH9BA
Ikarus: Worm.Win32.Vobfus
MaxSecure: Trojan.Malware.4153168.susgen
Fortinet: W32/VBKrypt.C!tr
Cybereason: malicious.a0b8eb
DeepInstinct: MALICIOUS
alibabacloud: Worm:Win/Pronny.BA

How to remove Troj/VB-FYR?

Troj/VB-FYR removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
