Trojan.Win32.VB.dosq removal guide

Trojan.Win32.VB.dosq is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.VB.dosq virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan.Win32.VB.dosq?


File Info:

name: 6F89470A0E142F071516.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-01-19 13:34:56

Version Info:

CompanyName: UEFI
ProductName: Kawaii-Unicorn
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Kawaii-Unicorn
OriginalFilename: Kawaii-Unicorn.exe
Translation: 0x0804 0x04b0

Trojan.Win32.VB.dosq also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Dacic.4!c
MicroWorld-eScan: Generic.Dacic.94CCEEA9.A.23B9CD8F
FireEye: Generic.mg.6f89470a0e142f07
CAT-QuickHeal: Trojan.Fareit
Skyhigh: BehavesLike.Win32.Generic.gt
ALYac: Generic.Dacic.94CCEEA9.A.23B9CD8F
Cylance: unsafe
Zillya: Trojan.VBGen.Win32.1
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: P2PWorm ( 0054717e1 )
Alibaba: Trojan:Win32/VBClone.f05d
K7GW: P2PWorm ( 0054717e1 )
Cybereason: malicious.a0e142
BitDefenderTheta: AI:Packer.90DA5CCB20
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/VBClone.E
APEX: Malicious
TrendMicro-HouseCall: TROJ_GEN.R03BC0DD424
ClamAV: Win.Packed.Generic-9967832-0
Kaspersky: Trojan.Win32.VB.dosq
BitDefender: Generic.Dacic.94CCEEA9.A.23B9CD8F
NANO-Antivirus: Trojan.Win32.VB.jownbp
SUPERAntiSpyware: Trojan.Agent/Gen-Tedy
Avast: Win32:Evo-gen [Trj]
Tencent: Trojan.Win32.VB.ha
Emsisoft: Generic.Dacic.94CCEEA9.A.23B9CD8F (B)
F-Secure: Trojan.TR/VB.Clone.eweqc
DrWeb: Trojan.MulDrop20.3145
VIPRE: Generic.Dacic.94CCEEA9.A.23B9CD8F
TrendMicro: TROJ_GEN.R03BC0DD424
Sophos: Troj/VB-KCP
Ikarus: Trojan.Win32.VBClone
Jiangmin: Trojan.VB.bmcx
Google: Detected
Avira: TR/VB.Clone.eweqc
Varist: W32/VB.VM.gen!Eldorado
Antiy-AVL: Trojan/Win32.VBClone
Microsoft: Trojan:Win32/Fareit.VB!MTB
Arcabit: Generic.Dacic.94CCEEA9.A.23B9CD8F
ZoneAlarm: Trojan.Win32.VB.dosq
GData: Generic.Dacic.94CCEEA9.A.23B9CD8F
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Fareit.R491598
Acronis: suspicious
McAfee: GenericRXTC-TT!6F89470A0E14
MAX: malware (ai score=84)
VBA32: SScope.Trojan.VB
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Genetic.gen
Rising: Trojan.VBClone!1.B5C7 (CLASSIC)
Yandex: Trojan.VB!hnWVa79e+7U
SentinelOne: Static AI – Malicious PE
MaxSecure: Virus.W32.GenericML.xnet
Fortinet: W32/VBClone.D!tr
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)
alibabacloud: VirTool:Win/Obfuscate.SMC.NDEP(dyn)

How to remove Trojan.Win32.VB.dosq?

Trojan.Win32.VB.dosq removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.