Win32/Small.NXL removal instruction

The Win32/Small.NXL is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Small.NXL virus can do?

Sample contains Overlay data
Reads data out of its own binary image
Authenticode signature is invalid

How to determine Win32/Small.NXL?


File Info:
name: 0840F536DADAC08E06EA.mlw
path: /opt/CAPEv2/storage/binaries/7186625189619692c3da755cdf71fb7ba6b497f57ae995ac098d52a6a76e51d0
crc32: B11AB0A6
md5: 0840f536dadac08e06eae6d10f485ed2
sha1: e007cadf53bd7682684404c2961c67d25e066e9a
sha256: 7186625189619692c3da755cdf71fb7ba6b497f57ae995ac098d52a6a76e51d0
sha512: 35d03e7b7ad76d2a86c9e18482b385df894461216bf6409a73fb429df75eec3b7c70b69b0575af09a03b60afb80765f9e7f7474f459dc104ea7da4e4fe199b8c
ssdeep: 1536:Xs7002yD2eyujEyC5YYafh1Mc8/gsWjcdjl9btC:XK002+2eytf3B9bQ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C3A39D03B6C14471EAF34A310CBAD850973FBD664B748F9723A4559D8D742E0AE39B2B
sha3_384: b731aa48ac988fb9208b91bd07bc2328b652219fedc23855a6ef592c8a3c18b3b946d7f4bf4699d905f2e946a657e376
ep_bytes: 81ecd00400008d8424c4020000535556
timestamp: 2016-01-28 20:35:33

Version Info:
0: [No Data]

Win32/Small.NXL also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
Skyhigh	BehavesLike.Win32.PWSZbot.ch
ALYac	Gen:Trojan.FileInfector.gqZ@aiJ!CNoi
Malwarebytes	Small.Trojan.Agent.DDS
Zillya	Trojan.Small.Win32.73472
Sangfor	Suspicious.Win32.Save.ins
Cybereason	malicious.f53bd7
VirIT	Trojan.Win32.Genus.REC
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
ESET-NOD32	a variant of Win32/Small.NXL
APEX	Malicious
Kaspersky	Trojan.Win32.KillMBR.hnd
BitDefender	Gen:Trojan.FileInfector.gqZ@aiJ!CNoi
NANO-Antivirus	Trojan.Win32.Drop.ebudja
MicroWorld-eScan	Gen:Trojan.FileInfector.gqZ@aiJ!CNoi
Avast	Win32:Trojan-gen
Tencent	Malware.Win32.Gencirc.11a8b64a
Emsisoft	Gen:Trojan.FileInfector.gqZ@aiJ!CNoi (B)
F-Secure	Trojan.TR/Small.sfpkg
DrWeb	Trojan.MulDrop6.34771
VIPRE	Gen:Trojan.FileInfector.gqZ@aiJ!CNoi
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.0840f536dadac08e
Sophos	ML/PE-A
Ikarus	Trojan.Win32.Small
Jiangmin	Worm.Generic.ahe
Google	Detected
Avira	TR/Small.sfpkg
Antiy-AVL	Worm/Win32.AGeneric
Microsoft	Program:Win32/Wacapew.C!ml
Arcabit	Trojan.FileInfector.E2A414
ZoneAlarm	Trojan.Win32.KillMBR.hnd
GData	Gen:Trojan.FileInfector.gqZ@aiJ!CNoi
AhnLab-V3	Malware/Win32.Generic.C1925546
McAfee	Artemis!0840F536DADA
MAX	malware (ai score=81)
VBA32	BScope.Trojan.Diple
Cylance	unsafe
Rising	Worm.Generic!8.402 (TFE:4:WWpmpT5Bf4P)
Yandex	Trojan.Igent.bZpfsa.1
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.184425872.susgen
BitDefenderTheta	AI:Packer.F3F37C821F
AVG	Win32:Trojan-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Win32/Small.NXL?

Win32/Small.NXL removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X