Should I remove “Generic.Rincux2.F44A01B6”?

Generic.Rincux2.F44A01B6 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic.Rincux2.F44A01B6 virus do?

  • Executable code extraction
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Drops a binary and executes it
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Deletes its original binary from disk
  • Sniffs keystrokes
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself

How to identify Generic.Rincux2.F44A01B6?


File Info:

crc32: 27F03F64
md5: 0379d418d5fc03b0090863e2eec8a2ef
name: 0379D418D5FC03B0090863E2EEC8A2EF.mlw
sha1: ab565c50a37f4b2b6af27c09f6d84e2eeb908ea7
sha256: a8fa96d5dd330be7dfcd59d40a73cd2a383235cf12ecda7cdeac22a919fc9be4
sha512: ab499868bd10081aac06d976cebcf72ab9e29f716981c128eafbf85718ae60b21a5582d1342d28ecdd40aa9b926bc380bafe2d952b3833c568f98a90edc26e35
ssdeep: 1536:92eUygwjzzryaQ7zhzxiZty7/i8Fgr+8JUsQOa:LdjzCaQ7zhzf/i8Fn8JUhOa
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: 版权所有 (C) 2005
InternalName: Style
FileVersion: 1, 0, 0, 1
CompanyName:
LegalTrademarks:
ProductName: Style 应用程序
ProductVersion: 1, 0, 0, 1
FileDescription: Style Microsoft 基础类应用程序
OriginalFilename: Style.EXE
Translation: 0x0804 0x04b0

Generic.Rincux2.F44A01B6 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader34.44014
Cynet: Malicious (score: 85)
ALYac: DeepScan:Generic.Rincux2.F44A01B6
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_80% (W)
Alibaba: Backdoor:Win32/Farfli.6ed29332
K7GW: Trojan ( 0056f5b81 )
K7AntiVirus: Trojan ( 0056f5b81 )
Cyren: W32/Farfli.DWDE-7153
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Farfli.CXE
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: HEUR:Backdoor.Win32.Farfli.gen
BitDefender: DeepScan:Generic.Rincux2.F44A01B6
NANO-Antivirus: Trojan.Win32.Farfli.hymocx
MicroWorld-eScan: DeepScan:Generic.Rincux2.F44A01B6
Tencent: Win32.Backdoor.Farfli.Duv
Ad-Aware: DeepScan:Generic.Rincux2.F44A01B6
Sophos: Mal/Generic-S
Comodo: TrojWare.Win32.Magania.A@5wdy5u
F-Secure: Heuristic.HEUR/AGEN.1139066
BitDefenderTheta: Gen:NN.ZexaF.34608.emKfa0xho2cb
VIPRE: Trojan.Win32.Generic.pak!cobra
TrendMicro: Backdoor.Win32.ZEGOST.SMAL02
McAfee-GW-Edition: GenericRXMC-FT!333B1DE5E928
FireEye: Generic.mg.0379d418d5fc03b0
Emsisoft: DeepScan:Generic.Rincux2.F44A01B6 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Backdoor.Farfli.eak
Avira: HEUR/AGEN.1139066
eGambit: Unsafe.AI_Score_79%
Antiy-AVL: Trojan[Backdoor]/Win32.Farfli
Kingsoft: Win32.Hack.Undef.(kcloud)
Microsoft: Trojan:Win32/Farfli.DSK!MTB
Arcabit: DeepScan:Generic.Rincux2.F44A01B6
ZoneAlarm: HEUR:Backdoor.Win32.Farfli.gen
GData: DeepScan:Generic.Rincux2.F44A01B6
AhnLab-V3: Malware/Win32.RL_Backdoor.R353637
McAfee: Artemis!0379D418D5FC
MAX: malware (ai score=85)
VBA32: BScope.Trojan.Fsysna
Malwarebytes: Malware.Heuristic.1003
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Backdoor.Win32.ZEGOST.SMAL02
Rising: Trojan.GenKryptik!8.AA55 (TFE:dGZlOgWYBZ3Zue/fgg)
Ikarus: Trojan.Win32.Farfli
MaxSecure: Trojan.Malware.73947863.susgen
Fortinet: W32/GenKryptik.EOZH!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Botnet.Rincux.HwsBovsA

How to remove Generic.Rincux2.F44A01B6?

Generic.Rincux2.F44A01B6 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
