Win32/GenKryptik.FSNZ removal guide

The Win32/GenKryptik.FSNZ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/GenKryptik.FSNZ virus can do?

At least one process apparently crashed during execution
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Win32/GenKryptik.FSNZ?


File Info:
name: FA9ADEEC8A06B776AB1D.mlw
path: /opt/CAPEv2/storage/binaries/29032bafb6898d933fd1c37200a0d6783e1a02bdc7cac9bfbc1a88decf7600d8
crc32: 47C72EB0
md5: fa9adeec8a06b776ab1d2a72851d6322
sha1: fb3394c9121af9fa96e2db028e1cf7d821b8780d
sha256: 29032bafb6898d933fd1c37200a0d6783e1a02bdc7cac9bfbc1a88decf7600d8
sha512: e24abf37a720254f3778ec9e3ec6f0acc432366a34cd2b2fdcfbf9b066e4c28f1830a488623602e61dac5213b25620560ad5493f6db58422321516bd08296bee
ssdeep: 6144:ZWGV83D35bJrqV2L/E0tA+j16kUef5Nj1mB9WjEw0tzMV:ZsvmVe9h1qEtkBzw0tQ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15994E0192A22D0D8FDB51331729AC09187787EF34CD6366650CE368A7AF7B0CA71F964
sha3_384: 6c8f1ff595ba39f505988392cb6bc8c0ace21d023d332225c50eae95b0c17c77f16ef15591fe2e6cc30a23e62d3ac93b
ep_bytes: 558bece81e000000b800004000050010
timestamp: 2016-12-06 11:34:00

Version Info:
Comments: www.sopcast.com
CompanyName: www.sopcast.com
FileDescription: SopCast Main Application
FileVersion: 4.2.0.800
InternalName: SopCast.exe
LegalCopyright: Copyright (C) 2004 - 2013, SopCast.com.  All rights reserved.
OriginalFilename: SopCast.exe
ProductName: SopCast
ProductVersion: 4.2.0.800
Translation: 0x0409 0x04e4

Win32/GenKryptik.FSNZ also known as:

Bkav	W32.AIDetect.malware1
Cynet	Malicious (score: 100)
FireEye	Generic.mg.fa9adeec8a06b776
CAT-QuickHeal	Trojan.Mauvaise.SL1
McAfee	GenericRXSU-OG!FA9ADEEC8A06
Malwarebytes	Malware.AI.1634969234
VIPRE	Trojan.GenericKDZ.87225
K7AntiVirus	Trojan ( 005902d61 )
BitDefender	Trojan.GenericKDZ.87225
K7GW	Trojan ( 005902d61 )
Cybereason	malicious.9121af
Cyren	W32/GandCrab.AT.gen!Eldorado
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/GenKryptik.FSNZ
APEX	Malicious
ClamAV	Win.Ransomware.Gandcrab-9948809-0
Kaspersky	VHO:Trojan.Win32.Crypt.gen
MicroWorld-eScan	Trojan.GenericKDZ.87225
Avast	Win32:MalOb-FE [Cryp]
Tencent	Malware.Win32.Gencirc.10d035b5
Ad-Aware	Trojan.GenericKDZ.87225
Emsisoft	Trojan.GenericKDZ.87225 (B)
DrWeb	Trojan.Packed2.44212
McAfee-GW-Edition	GenericRXSU-OG!FA9ADEEC8A06
Trapmine	malicious.moderate.ml.score
Sophos	ML/PE-A
Ikarus	Trojan.Crypter
GData	Trojan.GenericKDZ.87225
MAX	malware (ai score=82)
Antiy-AVL	Trojan/Generic.ASMalwS.A3
Arcabit	Trojan.Generic.D154B9
SUPERAntiSpyware	Trojan.Agent/Gen-Kryptik
ZoneAlarm	VHO:Trojan.Win32.Crypt.gen
Microsoft	Trojan:Win32/Wacatac.B!ml
AhnLab-V3	Trojan/Win.Gandcrab.R457503
ALYac	Trojan.GenericKDZ.87225
Cylance	Unsafe
Rising	Trojan.Generic@AI.90 (RDML:wXKCFw6/FLkrk52uhgxijg)
Yandex	Trojan.GenAsa!EooOfm73eOg
SentinelOne	Static AI – Suspicious PE
BitDefenderTheta	Gen:NN.ZexaF.34786.Au0@aGiZK@gi
AVG	Win32:MalOb-FE [Cryp]
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Win32/GenKryptik.FSNZ?

Win32/GenKryptik.FSNZ removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X