Win32/GenCBL.YQ removal guide

Win32/GenCBL.YQ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/GenCBL.YQ virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Win32/GenCBL.YQ?

File Info:

crc32: F5FFEA6B
md5: 95937abc65298a16d831ca91decf48a3
name: 95937ABC65298A16D831CA91DECF48A3.mlw
sha1: f18b1e235a44c048994fe6852fabdbb82f4b624b
sha256: 4737b939774fa43ffaec93dcee6112b2c3372bcd9910ecd2969cb8dc75ef4857
sha512: c0707c6c3acab967684b0e676f58f7ab2f1acd182f6d4edffca00770b08ded543b53881fcf75442ee10b30bba81b13825251d18d896bf9b4c354cafd3cff7b0a
ssdeep: 49152:G1lGdozg6hcF5HPpMu3WM7EiiHv14w7XGQbWI28r9p+/5yOiFvZz:G1lYoUAcF5vpMPMYiiPGw7XG8WI28uY
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
InternalName: MediaMonkey
FileVersion: 4.1.30.1914
CompanyName: Ventis Media Inc.
LegalTrademarks:
ProductName: MediaMonkey
ProductVersion: 3.0
FileDescription: MediaMonkey
OriginalFilename: MediaMonkey.exe
Translation: 0x0409 0x04e4

Win32/GenCBL.YQ is also known as:

MicroWorld-eScan: Trojan.GenericKD.36367317
McAfee: Artemis!95937ABC6529
Sangfor: Trojan.Win32.Ymacco.AA47
K7AntiVirus: Trojan ( 00577fcd1 )
BitDefender: Trojan.GenericKD.36367317
K7GW: Trojan ( 00577fcd1 )
Symantec: Trojan Horse
Avast: Win32:DangerousSig [Trj]
Kaspersky: HEUR:Backdoor.Win32.Agent.gen
Alibaba: Trojan:Win32/GenCBL.d79b3cfb
ViRobot: Trojan.Win32.Z.Gencbl.2801672
Ad-Aware: Trojan.GenericKD.36367317
Emsisoft: MalCert.A (A)
Comodo: Malware@#1rs2gvttxiuhr
F-Secure: Trojan.TR/Redcap.kuerd
DrWeb: BackDoor.Rat.324
Zillya: Trojan.GenCBL.Win32.756
McAfee-GW-Edition: Artemis!Trojan
FireEye: Trojan.GenericKD.36367317
Sophos: Mal/Generic-S + Troj/Agent-BGMG
Ikarus: Trojan.Win32.Gencbl
Avira: TR/Redcap.kuerd
Microsoft: Trojan:Win32/Ymacco.AA47
Arcabit: Trojan.Generic.D22AEBD5
ZoneAlarm: HEUR:Backdoor.Win32.Agent.gen
GData: Win32.Backdoor.Parallax.7X8LR4
Cynet: Malicious (score: 85)
ALYac: Backdoor.RAT.Parallax
MAX: malware (ai score=83)
VBA32: Backdoor.Rat
Malwarebytes: Trojan.Injector
ESET-NOD32: a variant of Win32/GenCBL.YQ
Fortinet: W32/GenCBL.YQ!tr
AVG: Win32:DangerousSig [Trj]
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.Generic.HgIASPQA

How to remove Win32/GenCBL.YQ?

Win32/GenCBL.YQ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
