Worm

Should I remove “VHO:Net-Worm.Win32.Convagent”?

Malware Removal

The VHO:Net-Worm.Win32.Convagent is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What VHO:Net-Worm.Win32.Convagent virus can do?

  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine VHO:Net-Worm.Win32.Convagent?



File Info:

name: 97BDA795938DDB97593F.mlw
path: /opt/CAPEv2/storage/binaries/23f476a1fd865d343a4ea1358882d923ed14d0257195202aef6f1e5a02f57bf4
crc32: AD062D35
md5: 97bda795938ddb97593f625c45d0b391
sha1: e85e52648a613a9ac2f524aa9911e83f7b9634d5
sha256: 23f476a1fd865d343a4ea1358882d923ed14d0257195202aef6f1e5a02f57bf4
sha512: 23e5150dc8f998abf830fe956ff9abc853a84ad8788033eaf3c9dcb52ee81f6b98d8d66457671a2271092b5891426a3ec264f0ab847f395936cdcdac311db99b
ssdeep: 6144:3hqGHMUxwPtZPFvNtCbEV1cxNmkBVF8bNiT0KyrWdUJT/4DO/B52pRr3zmiTVVmk:3hjMlPtZJnguczzBV00sJj4DO/B52n
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T149C47E037BE440BBE8234632C5B0979496B7FAE46D618F8B12943D2C7E749C1DD26B39
sha3_384: 6767e0bcd9bda2cf6f57df97daae430fb01edfaba2402511da8eb60a3629c187fc7fb750609270bef67a94325c10ca01
ep_bytes: 02344300e869e4020051568bf16a10e8
timestamp: 2015-12-03 04:44:46


Version Info:

0: [No Data]

VHO:Net-Worm.Win32.Convagent also known as:

BkavW32.AIDetect.malware1
LionicWorm.Win32.Convagent.p!c
MicroWorld-eScanTrojan.GenericKD.38117945
FireEyeTrojan.GenericKD.38117945
ALYacTrojan.GenericKD.38117945
K7AntiVirusTrojan ( 0058aa851 )
BitDefenderTrojan.GenericKD.38117945
K7GWTrojan ( 0058aa851 )
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/GenKryptik.FNRY
BaiduWin32.Worm.Agent.u
KasperskyVHO:Net-Worm.Win32.Convagent.gen
AlibabaTrojan:Win32/GenKryptik.fd1cdf54
Ad-AwareTrojan.GenericKD.38117945
SophosMal/Generic-S
TrendMicroTROJ_GEN.R011C0PKO21
McAfee-GW-EditionRDN/Generic.hra
EmsisoftTrojan.GenericKD.38117945 (B)
IkarusTrojan.Win32.Krypt
AviraTR/Kryptik.cdlfq
MAXmalware (ai score=82)
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
GridinsoftRansom.Win32.Sabsik.sa
GDataTrojan.GenericKD.38117945
CynetMalicious (score: 99)
McAfeeRDN/Generic.hra
TrendMicro-HouseCallTROJ_GEN.R011C0PKO21
YandexTrojan.GenKryptik!ITXVnvTHu0Q
FortinetW32/GenKryptik.FNRY!tr
AVGWin32:Trojan-gen
AvastWin32:Trojan-gen

How to remove VHO:Net-Worm.Win32.Convagent?

VHO:Net-Worm.Win32.Convagent removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment