Win32/AutoRun.VB.ASQ removal guide

Win32/AutoRun.VB.ASQ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/AutoRun.VB.ASQ virus do?

  • Executable code extraction
  • Expresses interest in specific running processes
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Performs some HTTP requests
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Attempts to disable Windows Auto Updates
  • Creates a slightly modified copy of itself
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

Related domains:

ns1.spansearcher.net

How to identify Win32/AutoRun.VB.ASQ?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
ProductVersion: 1.00
InternalName: FLhYtabO
FileVersion: 1.00
OriginalFilename: FLhYtabO.exe
ProductName: RIEkyl

Win32/AutoRun.VB.ASQ is also known as:

Bkav: W32.VBFakeFolderMassiveDPC.Worm
Elastic: malicious (high confidence)
DrWeb: Trojan.VbCrypt.81
MicroWorld-eScan: Gen:Variant.Chinky.7
FireEye: Generic.mg.7c1e375b8a23eb91
CAT-QuickHeal: Trojan.Beebone.D
ALYac: Gen:Variant.Chinky.7
Cylance: Unsafe
VIPRE: Worm.Win32.Vobfus.gensa (v)
Sangfor: Malware
K7AntiVirus: EmailWorm ( 0054d10f1 )
BitDefender: Gen:Variant.Chinky.7
K7GW: EmailWorm ( 0054d10f1 )
CrowdStrike: win/malicious_confidence_70% (D)
BitDefenderTheta: Gen:NN.ZevbaF.34804.xm0@ay@67toi
Cyren: W32/Vobfus.BE.gen!Eldorado
Symantec: W32.Changeup
TotalDefense: Win32/Vobfus.AGN
TrendMicro-HouseCall: WORM_VOBFUS.SMAB
Avast: Win32:Regrun-MM [Trj]
ClamAV: Win.Trojan.VB-1694
Kaspersky: Trojan.Win32.Scar.gbhp
NANO-Antivirus: Trojan.Win32.VB.covktw
ViRobot: Trojan.Win32.A.Scar.389120.D
Rising: Worm.VobfusEx!1.99DB (CLASSIC)
Ad-Aware: Gen:Variant.Chinky.7
Emsisoft: Gen:Variant.Chinky.7 (B)
Comodo: Worm.Win32.Pronny.AK@4ogvoo
F-Secure: Trojan.TR/Regrun.MO
Baidu: Win32.Worm.Pronny.d
TrendMicro: WORM_VOBFUS.SMAB
McAfee-GW-Edition: BehavesLike.Win32.VBObfus.fh
Sophos: ML/PE-A + Mal/VBCheMan-B
SentinelOne: Static AI – Malicious PE – Worm
Jiangmin: Trojan/Scar.badi
Avira: TR/Regrun.MO
MAX: malware (ai score=82)
Antiy-AVL: Worm/Win32.WBNA.gen
Microsoft: Worm:Win32/Vobfus
Arcabit: Trojan.Chinky.7
SUPERAntiSpyware: Trojan.Agent/Gen-Autorun[VB]
ZoneAlarm: Trojan.Win32.Scar.gbhp
GData: Gen:Variant.Chinky.7
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Menti.R21623
Acronis: suspicious
McAfee: Generic VB.kk
TACHYON: Trojan/W32.VB-Menti.389120
VBA32: BScope.Trojan.Downloader
Malwarebytes: Generic.Trojan.Malicious.DDS
Panda: Trj/Genetic.gen
APEX: Malicious
ESET-NOD32: Win32/AutoRun.VB.ASQ
Tencent: Worm.Win32.Vobfus.n
Yandex: Trojan.GenAsa!S4nLwk2Lx5Y
Ikarus: Trojan-PSW.Fareit
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/VBKrypt.C!tr
AVG: Win32:Regrun-MM [Trj]
Cybereason: malicious.b8a23e
Qihoo-360: HEUR/QVM03.0.057B.Malware.Gen

How to remove Win32/AutoRun.VB.ASQ?

Win32/AutoRun.VB.ASQ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
