Trojan.Win32.Jorik.Vobfus.fcnq removal guide

Trojan.Win32.Jorik.Vobfus.fcnq is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Win32.Jorik.Vobfus.fcnq virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Attempts to disable Windows Auto Updates
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan.Win32.Jorik.Vobfus.fcnq?


File Info:

name: 0C3DD974A641EE2FEBD6.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-08-14 02:25:37

Version Info:

Translation: 0x0409 0x04b0
Comments: scomunica longeval
CompanyName: scomunica longeval
FileDescription: scomunica longeval
LegalCopyright: scomunica longeval
LegalTrademarks: scomunica longeval
ProductName: scomunica longeval
FileVersion: 8.20
ProductVersion: 8.20
InternalName: Halide
OriginalFilename: Halide.exe

Trojan.Win32.Jorik.Vobfus.fcnq also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
DrWeb: Win32.HLLW.Autoruner1.24947
MicroWorld-eScan: Gen:Heur.VB.Agent.3
FireEye: Generic.mg.0c3dd974a641ee2f
CAT-QuickHeal: Trojan.JorikMF.S27797009
ALYac: Gen:Heur.VB.Agent.3
Malwarebytes: Generic.Worm.AutoRun.DDS
K7AntiVirus: EmailWorm ( 0054d10f1 )
K7GW: EmailWorm ( 0054d10f1 )
CrowdStrike: win/malicious_confidence_100% (D)
BitDefenderTheta: Gen:NN.ZevbaF.36250.mm0@a4NxBRoi
VirIT: Worm.Win32.X-Autorun.BKXN
Cyren: W32/VB.HD.gen!Eldorado
ESET-NOD32: a variant of Win32/Pronny.CM
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Jorik.Vobfus.fcnq
BitDefender: Gen:Heur.VB.Agent.3
NANO-Antivirus: Trojan.Win32.Jorik.covkve
Tencent: Worm.Win32.Vobfus.m
F-Secure: Trojan.TR/Barys.A.6305
Baidu: Win32.Worm.Pronny.eb
VIPRE: Gen:Heur.VB.Agent.3
McAfee-GW-Edition: BehavesLike.Win32.VBObfus.cm
Trapmine: malicious.high.ml.score
Sophos: Mal/Kovter-W
Jiangmin: Trojan/Vbobf.b
Avira: TR/Barys.A.6305
MAX: malware (ai score=81)
Antiy-AVL: Worm/Win32.WBNA.gen
Xcitium: Worm.Win32.Pronny.ABQ@4puwz1
Arcabit: Trojan.VB.Agent.3
SUPERAntiSpyware: Trojan.Agent/Gen-Vobfus
ZoneAlarm: Trojan.Win32.Jorik.Vobfus.fcnq
GData: Gen:Heur.VB.Agent.3
Google: Detected
AhnLab-V3: Trojan/Win32.Jorik.R33575
VBA32: Trojan.Vobfus
TACHYON: Trojan/W32.VB-Jorik.196608.K
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: WORM_VOBFUS.SM01
Rising: Worm.VobfusEx!1.99DC (CLASSIC)
Yandex: Trojan.GenAsa!3dwChsaCCXs
Ikarus: Trojan.Win32.Jorik
MaxSecure: Trojan.Malware.4394194.susgen
Cybereason: malicious.4a641e
DeepInstinct: MALICIOUS

How to remove Trojan.Win32.Jorik.Vobfus.fcnq?

Trojan.Win32.Jorik.Vobfus.fcnq removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
