How to remove “Virus.Win32.VB.lb”?

Virus.Win32.VB.lb is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows you to complete a scan and cure your PC.
A 6-day free trial is available.

What can the Virus.Win32.VB.lb virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Anomalous binary characteristics

How to identify Virus.Win32.VB.lb?


File Info:

name: 0B8C6366D0C44549DB27.mlw
path: /opt/CAPEv2/storage/binaries/45353c0b358848d594e40d271422ad5bf94a766b1e32180d53f614334d5c0607
crc32: 9C557C0B
md5: 0b8c6366d0c44549db271d6a997b1720
sha1: 1a081fef4ff6c06dfde6ae886e298822ff1ba733
sha256: 45353c0b358848d594e40d271422ad5bf94a766b1e32180d53f614334d5c0607
sha512: faf08906e9863a5e7a9bab8e100a2d7ec0d65e55ef3fa39b956d48aac75fe71544c7fc0139731829de7910a8f71ab663470212726d4c2a759d85c78a86dc3fd9
ssdeep: 12288:/cVOjcccVOjcccVOjcccVOjc5vaRJExKxxOm+uuBv3d:/cVOjcccVOjcccVOjcccVOjcqEoym1ud
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T184F48D23AA804076E31542B0AD2AB6AE656DBD31C5536E1723D94EDE3FF1483B17133B
sha3_384: 154940c3853415aa56be3ea46b00a5e77b7e1364cf3b5e84ae280ef770812e78f8fdc0bafdd91c57fc960b9407d408c4
ep_bytes: 68908f4000e8f0ffffff000000000000
timestamp: 2008-06-02 13:39:06

Version Info:

Translation: 0x0804 0x04b0
CompanyName: 2146
ProductName:
FileVersion: 1.00
ProductVersion: 1.00
InternalName: avp
OriginalFilename: avp.exe

Virus.Win32.VB.lb also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Doina.29488
FireEye: Generic.mg.0b8c6366d0c44549
ALYac: Gen:Variant.Doina.29488
Cylance: Unsafe
Zillya: Virus.VB.Win32.176
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: P2PWorm ( 0055e3e51 )
K7GW: P2PWorm ( 0055e3e51 )
Cybereason: malicious.6d0c44
Cyren: W32/VeeBee.A.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/AutoRun.VB.HG
APEX: Malicious
ClamAV: Win.Trojan.Soul-4
Kaspersky: Virus.Win32.VB.lb
BitDefender: Gen:Variant.Doina.29488
NANO-Antivirus: Virus.Win32.VB.bnmwf
Avast: Win32:VB-EJQ [Wrm]
Tencent: Malware.Win32.Gencirc.10b0f131
Ad-Aware: Gen:Variant.Doina.29488
Emsisoft: Gen:Variant.Doina.29488 (B)
Comodo: Worm.Win32.AutoRun.VB@81mkzj
DrWeb: Win32.HLLP.Soul.2
TrendMicro: PE_VB.JM
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.bm
Sophos: ML/PE-A + Troj/VB-DZV
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Doina.29488
Jiangmin: Packed.Krap.gvue
Avira: TR/VB.LB.2
eGambit: Unsafe.AI_Score_99%
Arcabit: Trojan.Doina.D7330
Microsoft: Virus:Win32/VB.DE
Cynet: Malicious (score: 100)
AhnLab-V3: Worm/Win32.VB.C49023
McAfee: Artemis!0B8C6366D0C4
MAX: malware (ai score=86)
VBA32: Trojan.VBKrypt
Malwarebytes: Malware.AI.4085803506
TrendMicro-HouseCall: PE_VB.JM
Rising: Win32.VB.frp (CLASSIC)
Yandex: Trojan.GenAsa!Bx8Fg9B1WP8
Ikarus: HackTool.Win32.Kiser
MaxSecure: Virus.Win32.VB.lb
Fortinet: W32/VB.LB
BitDefenderTheta: AI:Packer.2FF479901F
AVG: Win32:VB-EJQ [Wrm]
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Virus.Win32.VB.lb?

Virus.Win32.VB.lb removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
