How to remove “GenPack:Win32.Worm.VB.NXJ”?

The GenPack:Win32.Worm.VB.NXJ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What GenPack:Win32.Worm.VB.NXJ virus can do?

Authenticode signature is invalid
CAPE detected the shellcode get eip malware family
Binary file triggered YARA rule
Anomalous binary characteristics

How to determine GenPack:Win32.Worm.VB.NXJ?


File Info:
name: 4E9BE2365C53874D6292.mlw
path: /opt/CAPEv2/storage/binaries/b02b3570fb8e0b024cd1e4bc21c9307e0553ef9a679f8f4b23baff1aff1c8423
crc32: 0061F74C
md5: 4e9be2365c53874d6292f55d11b3992e
sha1: e37b8bb840d8bd3e0515296f75eb15e54ccff797
sha256: b02b3570fb8e0b024cd1e4bc21c9307e0553ef9a679f8f4b23baff1aff1c8423
sha512: 71eb835feefb9b006878aeaf609ac2bd06815b82a5ad2b7fc6cd33ef1acbef377060aac348eddc87bff6a02c5e1d028953b3aad126317826dc3b257784753e2e
ssdeep: 3072:BwoxmoL8HafOafafJAHaqQzTh+Ej7EZnD3XpTeCZbZvk+46eyemcr3iMmY1p3E8o:BwoXRzSBihQzTwcYHdeC0qef7yXwp0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19F149E8773A830F6F5B78A3049B69545DB3278B206B19B8F17A4426A0F733C15E39736
sha3_384: 4e612d29daecbaa48acbe03822245fa3eb065e060165800f5a73014a083257dc75e59301320db77cc9efa1bc1d5dec61
ep_bytes: e8ab140000e981feffff3b0d10804000
timestamp: 2012-09-29 17:47:31

Version Info:
0: [No Data]

GenPack:Win32.Worm.VB.NXJ also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
FireEye	Generic.mg.4e9be2365c53874d
Skyhigh	BehavesLike.Win32.Generic.ch
ALYac	GenPack:Win32.Worm.VB.NXJ
Cylance	unsafe
Sangfor	Trojan.Win32.Save.a
ClamAV	Win.Dropper.Pajetbin-7136153-0
Avast	Win32:Trojan-gen
DrWeb	Win32.HLLP.Woner
VIPRE	GenPack:Win32.Worm.VB.NXJ
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Suspicious PE
Google	Detected
Cynet	Malicious (score: 100)
McAfee	Artemis!4E9BE2365C53
VBA32	TScope.Trojan.VB
Malwarebytes	Generic.Malware.AI.DDS
Ikarus	Trojan.Win64.Agent
Fortinet	W32/PossibleThreat
AVG	Win32:Trojan-gen
DeepInstinct	MALICIOUS
alibabacloud	Trojan

How to remove GenPack:Win32.Worm.VB.NXJ?

GenPack:Win32.Worm.VB.NXJ removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X