
TrojanClicker:Win32/VB.JO removal instructions


TrojanClicker:Win32/VB.JO is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanClicker:Win32/VB.JO virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Created a service that was not started

How to identify TrojanClicker:Win32/VB.JO?


File Info:

name: BAEAE616BC61BF514A35.mlw
path: /opt/CAPEv2/storage/binaries/3bd0b246d198f71055e61aa0480f57868e7cd3b764cd34f536f293e616377628
crc32: 49F24140
md5: baeae616bc61bf514a359a556fab209e
sha1: 8871aa3211081f4db7781a404f677ca9f06d5b1a
sha256: 3bd0b246d198f71055e61aa0480f57868e7cd3b764cd34f536f293e616377628
sha512: 5ae59616dc77e9d1ef689db879b4b7265e1381dbd84ff955d131359a4d2ea1b7dcb44ef3319da7ef1f2232c511966018cf6a06329d28fcab3d316dd44e83b416
ssdeep: 768:Xxut0oCHat9TZ3KOTStn5QBjOAyyhRudvZ4MIJMK:X0mHaXZMk6tvZBIJMK
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E58371D2E6460C13D5693EF130ADC793A522E8F42B3B53C62B57A3A93478E113D9C61B
sha3_384: 4e7b05425601cab4b67be287feaa4bf722fa35237de311cbbaba9c29b65615d735691ea5918acd60235980f6bd0ae08e
ep_bytes: 6804134000e8eeffffff000000000000
timestamp: 2007-11-26 15:27:45

Version Info:

Translation: 0x0804 0x04b0
Comments: Microsoft(R) Windows(R) Operating System
CompanyName: Microsoft Corporation
FileDescription: Microsoft(R) Windows(R) Operating System
LegalCopyright: C) Microsoft Corporation. All rights reserved.
ProductName: Microsoft(R) Windows(R) Operating System
FileVersion: 51.2600.2180
ProductVersion: 51.2600.2180
InternalName: Servicesbak
OriginalFilename: Servicesbak.exe

TrojanClicker:Win32/VB.JO also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.Heur.eu0@sz!9Azbby
ClamAV: Win.Dropper.NetWire-7594936-0
FireEye: Generic.mg.baeae616bc61bf51
Skyhigh: AdClicker-FP.a
McAfee: AdClicker-FP.a
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: NetWorm ( 700000151 )
Alibaba: TrojanClicker:Win32/Fsysna.e6d9587e
K7GW: NetWorm ( 700000151 )
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: Downloader
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/TrojanClicker.VB.YS
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Fsysna.cbak
BitDefender: Gen:Trojan.Heur.eu0@sz!9Azbby
NANO-Antivirus: Trojan.Win32.VB.pcgl
Avast: Win32:Evo-gen [Trj]
Rising: Trojan.Clicker-VB!8.49 (TFE:5:Uj35uR0Gs6L)
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.Click.17128
VIPRE: Gen:Trojan.Heur.eu0@sz!9Azbby
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Trojan.Heur.eu0@sz!9Azbby (B)
Ikarus: Virus.Win32.VB.FGK
GData: Gen:Trojan.Heur.eu0@sz!9Azbby
Jiangmin: Trojan.Fsysna.dmv
Google: Detected
Avira: TR/Dropper.Gen
MAX: malware (ai score=80)
Kingsoft: malware.kb.a.1000
Arcabit: Trojan.Heur.E35E88
ZoneAlarm: Trojan.Win32.Fsysna.cbak
Microsoft: TrojanClicker:Win32/VB.JO
AhnLab-V3: Trojan/Win32.Seint.C73247
BitDefenderTheta: AI:Packer.47549CCE1D
ALYac: Gen:Trojan.Heur.eu0@sz!9Azbby
Yandex: Trojan.GenAsa!e4UJMb6+VbM
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:Evo-gen [Trj]
Cybereason: malicious.211081
DeepInstinct: MALICIOUS

How to remove TrojanClicker:Win32/VB.JO?

TrojanClicker:Win32/VB.JO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
