
VirTool:Win32/Vtub.EM removal instruction


VirTool:Win32/Vtub.EM is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the VirTool:Win32/Vtub.EM virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine VirTool:Win32/Vtub.EM?


File Info:

name: FD3434BEAD8557F1B875.mlw
path: /opt/CAPEv2/storage/binaries/7497d76a219f3ceaa3b784b9d07d4ba30ca71df3f74df91549ba25858755c135
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2008-03-19 08:39:55

Version Info:

Translation: 0x0409 0x04b0
CompanyName: 1337
ProductName: stub
FileVersion: 1.00
ProductVersion: 1.00
InternalName: stub
OriginalFilename: stub.exe

VirTool:Win32/Vtub.EM also known as:

Lionic: Trojan.Win32.VBKrypt.liqY
tehtris: Generic.Malware
Cynet: Malicious (score: 100)
FireEye: Generic.mg.fd3434bead8557f1
McAfee: Artemis!FD3434BEAD85
Cylance: unsafe
VIPRE: Trojan.Generic.425739
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: Trojan ( 00021bbf1 )
Alibaba: TrojanDropper:Win32/Pincher.eb5ceb0f
K7GW: Trojan ( 00021bbf1 )
CrowdStrike: win/malicious_confidence_100% (W)
VirIT: Trojan.Win32.VB.OW
Cyren: W32/Risk.IUST-8168
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDropper.VB.NFZ
APEX: Malicious
ClamAV: Win.Dropper.Agent-56965
Kaspersky: Trojan-Dropper.Win32.Pincher.p
BitDefender: Trojan.Generic.425739
NANO-Antivirus: Trojan.Win32.Pincher.gcnv
MicroWorld-eScan: Trojan.Generic.425739
Avast: Win32:Pincher-I [Trj]
Tencent: Malware.Win32.Gencirc.10ba6046
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.MulDrop.12724
Zillya: Dropper.Pincher.Win32.12
TrendMicro: TROJ_DROPPER.EZI
McAfee-GW-Edition: BehavesLike.Win32.Rontokbro.tc
Emsisoft: Trojan.Generic.425739 (B)
Ikarus: Virus.Win32.Pincher.I
GData: Trojan.Generic.425739
Jiangmin: TrojanDropper.Pincher.acy
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan[Dropper]/Win32.Pincher
Xcitium: TrojWare.Win32.TrojanDropper.Ldpinch.F@647v
Arcabit: Trojan.Generic.D67F0B
ViRobot: Trojan.Win32.Pincher.29202
ZoneAlarm: Trojan-Dropper.Win32.Pincher.p
Microsoft: VirTool:Win32/Vtub.EM
Google: Detected
AhnLab-V3: Trojan/Win32.Bifrose.R13409
BitDefenderTheta: AI:Packer.D2D6063D1F
ALYac: Trojan.Generic.425739
MAX: malware (ai score=86)
VBA32: Malware-Cryptor.VB.gen.1
Malwarebytes: Malware.AI.2058600889
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_DROPPER.EZI
Rising: HackTool.Vtub!8.5D8 (TFE:3:xI5bNuFxyAT)
Yandex: Trojan.GenAsa!ciM3XaBicf4
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Pincher.P!tr
AVG: Win32:Pincher-I [Trj]
Cybereason: malicious.ead855
DeepInstinct: MALICIOUS

How to remove VirTool:Win32/Vtub.EM?

VirTool:Win32/Vtub.EM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
