Trojan

What is “Win32/TrojanClicker.VB.NQK”?

Malware Removal

The Win32/TrojanClicker.VB.NQK is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Win32/TrojanClicker.VB.NQK virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Dynamic (imported) function loading detected
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid

How to determine Win32/TrojanClicker.VB.NQK?



File Info:

name: E0AD5EC37F4F81A8C0D2.mlw
path: /opt/CAPEv2/storage/binaries/a54e090cde5334880f29fae206a2ae992a50548d8c9e80fa0af7821654fa371c
crc32: A4046EB6
md5: e0ad5ec37f4f81a8c0d26a025a8c0077
sha1: 08b2a7caea194188fb14e2ed21f50b22390f366e
sha256: a54e090cde5334880f29fae206a2ae992a50548d8c9e80fa0af7821654fa371c
sha512: 108218549537e30f4f773dc6e5f2db5c815eac51c644a968263a6c0bc3cbfc1b2a56d9fb0e987f8c7664abf06e5a1fbac958602a14d605cbfe9055d71d753650
ssdeep: 768:BYR5wUKB0b0SP8iLhdBSdl1BBt+GWzcquRXGWBBtvSdlpXhlSP8i:+R5Ou0mLpS1Psc3R7PlSd7m
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T108734C4336E44359F3FA063EE4B260E1AD7ABE26D802C7E94E70171D18259126D53B3F
sha3_384: 7caa738f60c65f935db8ec5bb2053211c3a7bde544e2bd9bf3c549de99e83b1de0252eabda3ad5d5565b251ee5f17f88
ep_bytes: 681c124000e8f0ffffff000000000000
timestamp: 2011-01-06 01:19:02


Version Info:

Translation: 0x0804 0x04b0
CompanyName: Kingsoft Corporation
FileDescription: 金山卫士主程序
LegalCopyright: Copyright (C) 2010 Kingsoft Corporation
ProductName: 金山卫士
FileVersion: 2.00.0001
ProductVersion: 2.00.0001
InternalName: 32
OriginalFilename: 32.exe

Win32/TrojanClicker.VB.NQK also known as:

BkavW32.AIDetect.malware2
CylanceUnsafe
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/TrojanClicker.VB.NQK
KasperskyHEUR:Trojan.Win32.Generic
TencentWin32.Trojan.Generic.Ajbp
DrWebTrojan.MulDrop3.61596
McAfee-GW-EditionBehavesLike.Win32.Trojan.lm
SentinelOneStatic AI – Suspicious PE
Trapminemalicious.high.ml.score
APEXMalicious
WebrootW32.Allaple.Gen
AviraTR/Clicker.tovoo
KingsoftWin32.Troj.DeepScan.x.(kcloud)
MicrosoftTrojan:Win32/Wacatac.B!ml
CynetMalicious (score: 100)
McAfeeArtemis!E0AD5EC37F4F
RisingTrojan.Win32.Generic.126BCE1D (C64:YzY0OoxeFn6qHvlC)
YandexTrojan.GenAsa!zwKAsuQVCR8
IkarusTrojan.Agent
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/Malware_fam.NB
CrowdStrikewin/malicious_confidence_70% (W)

How to remove Win32/TrojanClicker.VB.NQK?

Win32/TrojanClicker.VB.NQK removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment