Worm

Worm.Win32.Vobfus.evfh removal

Malware Removal

The Worm.Win32.Vobfus.evfh is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Worm.Win32.Vobfus.evfh virus can do?

  • Executable code extraction
  • Expresses interest in specific running processes
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a slightly modified copy of itself
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to determine Worm.Win32.Vobfus.evfh?



File Info:

crc32: D7BFDDD4
md5: 94f5fc2b7b3fd8032c68a2aae15ae73c
name: 94F5FC2B7B3FD8032C68A2AAE15AE73C.mlw
sha1: ffee74264da59b81f9ab92117f917bd32847bd88
sha256: 8c9baf3d7bde373299d5a03313ffcd9a4f8451f70af6596d62b89471a92c05a7
sha512: 7d6d82ea572b5b17fc1e7a4ba12b0c12abcc09a64b4039a5d678a123f73d3a46752bf86ee16c934910081308923d659f2ede76a990c06e6327d0c5174efddcef
ssdeep: 6144:kAKVQpyyUf9dgAVRKlqBiErIsKnPmb7/jWal+FfAje+5/RxoOsutOSD/uP39RWy:kAAyUf9DRKlqgErIsKnPmb7/jWa1e+5
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

FileVersion: 1.00
Translation: 0x0409 0x04b0

Worm.Win32.Vobfus.evfh also known as:

BkavW32.AIDetect.malware1
K7AntiVirusEmailWorm ( 0054d10f1 )
Elasticmalicious (high confidence)
DrWebWorm.Siggen.11987
CynetMalicious (score: 100)
McAfeeVBObfus.er
CylanceUnsafe
ZillyaTrojan.Diple.Win32.37596
SangforWin.Trojan.Changeup-6169544-0
CrowdStrikewin/malicious_confidence_100% (W)
AlibabaWorm:Win32/Vobfus.718f342a
K7GWEmailWorm ( 0054d10f1 )
Cybereasonmalicious.b7b3fd
BaiduWin32.Virus.Virut.gen
CyrenW32/Vobfus.AA.gen!Eldorado
SymantecW32.Changeup
ESET-NOD32Win32/Virut.NBP
APEXMalicious
TotalDefenseWin32/FakeFLDR_i
AvastWin32:Vitro [Inf]
ClamAVWin.Trojan.VB-73740
KasperskyWorm.Win32.Vobfus.evfh
BitDefenderGen:Variant.Barys.2644
NANO-AntivirusTrojan.Win32.Vobfus.ewhyaa
ViRobotTrojan.Win32.A.Diple.253952.DC
SUPERAntiSpywareTrojan.Agent/Gen-AutoRun
MicroWorld-eScanGen:Variant.Barys.2644
TencentTrojan.Win32.FakeFolder.gcy
Ad-AwareGen:Variant.Barys.2644
SophosML/PE-A + W32/SillyFDC-GS
ComodoWorm.Win32.VB.AUA@4o7zkg
BitDefenderThetaGen:NN.ZevbaF.34608.pq1@ayvkOili
VIPRETrojan.Win32.Vobfus.paa (v)
TrendMicroWORM_VOBFUS.SMAB
McAfee-GW-EditionVBObfus.er
FireEyeGeneric.mg.94f5fc2b7b3fd803
EmsisoftGen:Variant.Barys.2644 (B)
SentinelOneStatic AI – Malicious PE
WebrootW32.Trojan.Diple.Gen
AviraTR/Kazy.502564
MicrosoftWorm:Win32/Vobfus.gen!O
ArcabitTrojan.Barys.DA54
AegisLabWorm.Win32.WBNA.low6
ZoneAlarmWorm.Win32.WBNA.ipa
GDataGen:Variant.Barys.2644
AhnLab-V3Trojan/Win32.Diple.R18781
Acronissuspicious
VBA32BScope.TrojanRansom.Blocker
MAXmalware (ai score=87)
MalwarebytesMalware.AI.30491124
PandaTrj/Genetic.gen
TrendMicro-HouseCallWORM_VOBFUS.SMAB
RisingWorm.VobfusEx!1.99DC (CLOUD)
YandexTrojan.GenAsa!J9URsE4Z4kc
IkarusWorm.Win32.Vobfus
MaxSecureTrojan.Malware.3552677.susgen
FortinetW32/Virtu.F
AVGWin32:Vitro [Inf]
Paloaltogeneric.ml
Qihoo-360Win32/Trojan.Kazy.HwMA2GYA

How to remove Worm.Win32.Vobfus.evfh?

Worm.Win32.Vobfus.evfh removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment