
How to remove “Worm:Win32/Vobfus.QR”?


Worm:Win32/Vobfus.QR is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm:Win32/Vobfus.QR virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Worm:Win32/Vobfus.QR?


File Info:

name: AAFF7D7C3848BA34C1A2.mlw
path: /opt/CAPEv2/storage/binaries/7141ff96c4f3ecd0546e4bab941b27f0b103a7ea046d830d5937e2747b9afbb6
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-06-01 05:04:56

Version Info:

CompanyName: ljppjxlr
LegalTrademarks: mnznamsokh
ProductName: antcic
FileVersion: 1.59
ProductVersion: 1.59
InternalName: qdrlde
OriginalFilename: qdrlde.exe

Worm:Win32/Vobfus.QR also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Jorik.lJKd
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Barys.18564
FireEye: Generic.mg.aaff7d7c3848ba34
CAT-QuickHeal: Trojan.Beebone.D
Skyhigh: W32/Autorun.worm.ss!heur
McAfee: W32/Autorun.worm.ss!heur
Malwarebytes: Malware.Heuristic.2046
Zillya: Worm.Vobfus.Win32.1438569
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: EmailWorm ( 0040f5f41 )
Alibaba: Worm:Win32/Vobfus.609339af
K7GW: EmailWorm ( 0040f5f41 )
CrowdStrike: win/malicious_confidence_100% (W)
Baidu: Win32.Worm.Autorun.l
Symantec: W32.Changeup
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/VBObfus.FY
APEX: Malicious
TrendMicro-HouseCall: TROJ_GEN.R03BC0CAT24
Kaspersky: Worm.Win32.Vobfus.ebpy
BitDefender: Gen:Variant.Barys.18564
NANO-Antivirus: Trojan.Win32.Vobfus.crkyny
Avast: Win32:VB-AGHW [Trj]
Tencent: Win32.Worm.Vobfus.Jqil
Emsisoft: Gen:Variant.Barys.18564 (B)
Google: Detected
F-Secure: Trojan.TR/Dropper.Gen7
DrWeb: Win32.HLLW.Autoruner1.42343
VIPRE: Gen:Variant.Barys.18564
TrendMicro: TROJ_GEN.R03BC0CAT24
Trapmine: malicious.high.ml.score
Sophos: Mal/VBCheMan-F
SentinelOne: Static AI – Suspicious PE
Varist: W32/Vobfus.JH.gen!Eldorado
Avira: TR/Dropper.Gen7
MAX: malware (ai score=100)
Antiy-AVL: Worm/Win32.WBNA.gen
Kingsoft: malware.kb.a.987
Microsoft: Worm:Win32/Vobfus.QR
Xcitium: Worm.Win32.VB.NG@4xgp5b
Arcabit: Trojan.Barys.D4884
ZoneAlarm: Worm.Win32.Vobfus.ebpy
GData: Gen:Variant.Barys.18564
Cynet: Malicious (score: 100)
AhnLab-V3: Worm/Win32.Vobfus.R68287
BitDefenderTheta: Gen:NN.ZevbaF.36802.tq0@auuN6toi
ALYac: Gen:Variant.Barys.18564
TACHYON: Worm/W32.VB-Vobfus.313856
VBA32: BScope.Trojan.Diple
Cylance: unsafe
Panda: W32/Vobfus.GEP.worm
Rising: Malware.FakeFolder/ICON!1.6AC4 (CLASSIC)
Yandex: Worm.Vobfus!y9ZHFGLiqc0
Ikarus: Trojan.SuspectCRC
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/VBKrypt.E!tr
AVG: Win32:VB-AGHW [Trj]
Cybereason: malicious.c3848b
DeepInstinct: MALICIOUS
alibabacloud: Worm:Win/VBObfus.FY

How to remove Worm:Win32/Vobfus.QR?

Worm:Win32/Vobfus.QR removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
