What is “VHO:Trojan-PSW.Win32.Bjlog”?

The VHO:Trojan-PSW.Win32.Bjlog is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What VHO:Trojan-PSW.Win32.Bjlog virus can do?

The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics

How to determine VHO:Trojan-PSW.Win32.Bjlog?


File Info:
name: 9449C8BE326E7CE91282.mlw
path: /opt/CAPEv2/storage/binaries/084f6ccb293d1cbe6a830d3526e75f9e485abca5abdbb0312eb368cfb66c5548
crc32: 1A460203
md5: 9449c8be326e7ce91282235aa5d27826
sha1: d65d259c3b3fd66b4e8afd64c676be64185cbff2
sha256: 084f6ccb293d1cbe6a830d3526e75f9e485abca5abdbb0312eb368cfb66c5548
sha512: ff4d722a5f1cfee8223ade3c428463fd1a490c560503c61be26a5838127ebd57b5567b17b1b9d7f7eff363557e60c9640b441058a11fb8d708a47b8125985307
ssdeep: 3072:KJLYVpnJlkwUCW91+kq4d3nWH0V/V+UL312pYstH4fPp843P+CP1RricNdAl:KJLU5kwWD+idhV/Vj12pLtH8u0PbXr3e
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10104E001E3E48444E4B24E302CB3CBE126B6FC66EDA5C7CF93157A4E5C31595AD26B2B
sha3_384: 2106866cfc396872b59f7c3926a75e049a807e211b87a17a26495814a82daac890cf852071a58d3a9e0c70a9b45e4e5a
ep_bytes: b8003045006a00680a53420064ff3500
timestamp: 2019-08-09 05:46:43

Version Info:
Comments: A small portable Windows program to prevent system shutdown, Standby, Hibernate, Turn Off and Restart
Company: Nenad Hrg
CompanyName: Nenad Hrg (SoftwareOK.com)
FileDescription: Don't Sleep
FileVersion: 5, 5, 7, 0
InternalName: Don't Sleep
LegalCopyright: Copyright © 2010 - 2019 Nenad Hrg - SoftwareOK.com
LegalTrademarks: 
OriginalFilename: DontSleep.exe
PrivateBuild: 
ProductName: Don't Sleep SoftwareOK.com
ProductVersion: 5, 5, 7, 0
SpecialBuild: 
Translation: 0x0800 0x04b0

VHO:Trojan-PSW.Win32.Bjlog also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Bjlog.4!c
MicroWorld-eScan	Trojan.GenericKD.68286191
FireEye	Trojan.GenericKD.68286191
McAfee	Artemis!9449C8BE326E
Malwarebytes	Malware.Heuristic.1003
Zillya	Trojan.Bjlog.Win32.12420
Sangfor	Infostealer.Win32.Bjlog.V016
K7AntiVirus	Riskware ( 00584baa1 )
K7GW	Riskware ( 00584baa1 )
Symantec	Trojan.Gen.MBT
APEX	Malicious
Kaspersky	VHO:Trojan-PSW.Win32.Bjlog.gen
BitDefender	Trojan.GenericKD.68286191
Avast	Win32:Malware-gen
Emsisoft	Trojan.GenericKD.68286191 (B)
VIPRE	Trojan.GenericKD.68286191
TrendMicro	TROJ_GEN.R002C0DGQ23
McAfee-GW-Edition	BehavesLike.Win32.Dropper.cc
Trapmine	malicious.moderate.ml.score
Sophos	Mal/Generic-S
SentinelOne	Static AI – Suspicious PE
GData	Trojan.GenericKD.68286191
MAX	malware (ai score=89)
Antiy-AVL	Trojan[PSW]/Win32.Bjlog
Arcabit	Trojan.Generic.D411F6EF
ZoneAlarm	VHO:Trojan-PSW.Win32.Bjlog.gen
Microsoft	Trojan:Win32/Wacatac.B!ml
ALYac	Trojan.GenericKD.68286191
Cylance	unsafe
Panda	Trj/Chgt.AD
TrendMicro-HouseCall	TROJ_GEN.R002C0DGQ23
Rising	Stealer.Bjlog!8.135A4 (CLOUD)
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS

How to remove VHO:Trojan-PSW.Win32.Bjlog?

VHO:Trojan-PSW.Win32.Bjlog removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X