Trojan.Heur.ou0arbEiWVeid removal guide

Many security experts consider Trojan.Heur.ou0arbEiWVeid dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Heur.ou0arbEiWVeid virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempted to write directly to a physical drive
  • Anomalous binary characteristics

How to identify Trojan.Heur.ou0arbEiWVeid?

File Info:

name: 5BE7493470D711FED39D.mlw
path: /opt/CAPEv2/storage/binaries/a9fb10cc04e86cece8877f260327b46ac25ecad34f30b44ecdc7a4a921e6785c
crc32: 636F9469
md5: 5be7493470d711fed39d4587265024f0
sha1: 1e92a244cf544303dbd59e7c970a1a71b9c5ebf0
sha256: a9fb10cc04e86cece8877f260327b46ac25ecad34f30b44ecdc7a4a921e6785c
sha512: 8465bc66082c6caccd2845c1d2062d2b17ef02da1ba6e5ee595023d502b47d3cd400d20ffc15da8783eff585b18b274689f2f9dd2c3c693908a7bfb035919425
ssdeep: 3072:cTMHirljsoxEZH96HM0XU+aDe5UEjmIlmijI7rUGimMNso2Y6XtYKTjOhd:THcWn+aC1meyUGimMNyRqKMd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B634124AF2A5CA13D1DC18F5A55FCE9842387CEA1605D267F0D1330BECBB6C6606E872
sha3_384: 9e16b34ecf3353d98704e5f2191cbd7559f1785c30a0dfa7cdc63894bf6545db0690314911060759fb9046a0be0195d9
ep_bytes: 6801a04100e801000000c3c3cb00014e
timestamp: 2011-07-06 18:17:14

Version Info:

Translation: 0x0409 0x04b0
CompanyName: FinanceDesktop
FileDescription: FinanceDesktop loader
ProductName: FinanceDesktop
FileVersion: 6.101.0477
ProductVersion: 6.101.0477
InternalName: update_bene
OriginalFilename: update_bene.exe

Trojan.Heur.ou0arbEiWVeid also known as:

Lionic: Trojan.Win32.Generic.mboY
MicroWorld-eScan: Gen:Trojan.Heur.ou0arbEiWVeid
McAfee: Artemis!5BE7493470D7
VIPRE: Gen:Trojan.Heur.ou0arbEiWVeid
Alibaba: TrojanDownloader:Win32/VBKrypt.9e362120
Cybereason: malicious.470d71
VirIT: Trojan.Win32.Cryptic.DBF
Cyren: W32/VB.DO.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDownloader.VB.OYW
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.VBKrypt.prfh
BitDefender: Gen:Trojan.Heur.ou0arbEiWVeid
NANO-Antivirus: Trojan.Win32.Buzus.dukdh
Avast: Win32:Kryptik-GDN [Trj]
Tencent: Win32.Packed.Black.Lflw
Emsisoft: Gen:Trojan.Heur.ou0arbEiWVeid (B)
F-Secure: Trojan.TR/Crypt.ASPM.Gen
DrWeb: Trojan.DownLoader4.7583
Zillya: Trojan.Buzus.Win32.69713
TrendMicro: Mal_Banker15
McAfee-GW-Edition: BehavesLike.Win32.VirRansom.dc
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.5be7493470d711fe
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
GData: Gen:Trojan.Heur.ou0arbEiWVeid
Jiangmin: Trojan/Buzus.axly
Webroot: W32.Trojan.Gen
Avira: TR/Crypt.ASPM.Gen
MAX: malware (ai score=100)
Xcitium: TrojWare.Win32.Buzus.sdgr@4ks6m1
Arcabit: Trojan.Heur.ou0arbEiWVeid
ZoneAlarm: Packed.Win32.Black.d
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Trojan/Win32.Buzus.C84407
VBA32: Trojan.VB.Stigma
ALYac: Gen:Trojan.Heur.ou0arbEiWVeid
TACHYON: Trojan/W32.Buzus.236032.J
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Mal_Banker15
Rising: Downloader.VB!8.1EB (CLOUD)
Yandex: Trojan.Buzus!gVmjH/W/fSY
Ikarus: Trojan.Win32.Buzus
Fortinet: W32/Banker.BHZC!tr
BitDefenderTheta: AI:Packer.963F1DE91D
AVG: Win32:Kryptik-GDN [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_90% (D)

How to remove Trojan.Heur.ou0arbEiWVeid?

Trojan.Heur.ou0arbEiWVeid removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
