Win32/TrojanClicker.VB.OFQ removal

Win32/TrojanClicker.VB.OFQ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/TrojanClicker.VB.OFQ virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win32/TrojanClicker.VB.OFQ?


File Info:

name: 1FB1C225F34F2B2DE30A.mlw
path: /opt/CAPEv2/storage/binaries/524c3ffada1c543c6f1d6838d17d4d44f7d55379594deb9a6a417217944b948f
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-09-11 04:30:54

Version Info:

Translation: 0x0804 0x04b0
Comments: qizalz
CompanyName: udwylyebki
FileDescription: lqczopf
LegalCopyright: pswrhll
LegalTrademarks: ufrnlrzhr
ProductName: binyfyrfqpe
FileVersion: 1.00
ProductVersion: 1.00
InternalName: tbdeamu
OriginalFilename: cfxuxnt.tmp

Win32/TrojanClicker.VB.OFQ also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.VB.m7vs
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.66566908
ClamAV: Win.Trojan.A809cdd-7067577-0
FireEye: Generic.mg.1fb1c225f34f2b2d
ALYac: Trojan.GenericKD.66566908
Malwarebytes: Malware.AI.304500036
VIPRE: Trojan.GenericKD.66566908
K7AntiVirus: Trojan ( 0040fa561 )
Alibaba: TrojanClicker:Win32/PassViewer.276b4136
K7GW: Trojan ( 0040fa561 )
CrowdStrike: win/malicious_confidence_100% (W)
Baidu: Win32.Trojan.Trojan-Clicker.e
VirIT: Trojan.Win32.Clicker.BHDL
Cyren: W32/A-b331f047!Eldorado
Symantec: SMG.Heur!gen
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/TrojanClicker.VB.OFQ
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: Trojan.Win32.Wimg.y
BitDefender: Trojan.GenericKD.66566908
NANO-Antivirus: Trojan.Win32.Wimg.eaukur
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan.Wimg.Swhl
Emsisoft: Trojan.GenericKD.66566908 (B)
F-Secure: Trojan.TR/Kazy.onbeubam
DrWeb: Trojan.KillFiles.14843
Zillya: Trojan.Wimg.Win32.1058
McAfee-GW-Edition: Trojan-FEWF!1FB1C225F34F
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
GData: Trojan.GenericKD.66566908
Jiangmin: Trojan/Wimg.a
Webroot: W32.Trojan.Gen
Avira: TR/Kazy.onbeubam
MAX: malware (ai score=86)
Antiy-AVL: Trojan/Win32.SGeneric
Arcabit: Trojan.Generic.D3F7BAFC
SUPERAntiSpyware: Trojan.Agent/Gen-Kazy
ZoneAlarm: Trojan.Win32.Wimg.y
Microsoft: TrojanClicker:Win32/Wimg.A
Google: Detected
AhnLab-V3: Trojan/Win32.ZBot.R120535
McAfee: Trojan-FEWF!1FB1C225F34F
TACHYON: Trojan/W32.VB-Wimg.41013
VBA32: Trojan.Wimg
Cylance: unsafe
Panda: Trj/Genetic.gen
Yandex: Trojan.GenAsa!7vQsUIaKwmg
Ikarus: not-a-virus:PSWTool.Win32.PassViewer
MaxSecure: Trojan.Malware.7491932.susgen
Fortinet: W32/TrojanClicker.OFQ!tr
BitDefenderTheta: Gen:NN.ZevbaF.36196.cm1@aShjyuhb
AVG: Win32:Trojan-gen
Cybereason: malicious.0b94d2
DeepInstinct: MALICIOUS

How to remove Win32/TrojanClicker.VB.OFQ?

Win32/TrojanClicker.VB.OFQ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
