How to remove “Win32.Virtob.4.Gen”?

Win32.Virtob.4.Gen is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32.Virtob.4.Gen virus do?

  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Binary compilation timestomping detected

How to identify Win32.Virtob.4.Gen?

File Info:

name: A7BECEC6651A6B0FADA2.mlw
path: /opt/CAPEv2/storage/binaries/fed634b828112e3c5788f14197382fb48fbf2c11510182ef3cc80fec98a653a7
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2055-05-25 18:10:40

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Internet Connection Wizard
FileVersion: 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
InternalName: INETWIZ
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: INETWIZ.EXE
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.00.2900.2180
Translation: 0x0409 0x04b0

Win32.Virtob.4.Gen also known as:

Bkav: W32.Vetor.PE
Lionic: Virus.Win32.Virut.mqoy
Elastic: malicious (high confidence)
DrWeb: Win32.Virut.5
MicroWorld-eScan: Win32.Virtob.4.Gen
CAT-QuickHeal: W32.Virut.D
Skyhigh: BehavesLike.Win32.Virut.nt
McAfee: W32/Virut.gen.A
Malwarebytes: Virut.Virus.FileInfector.DDS
Zillya: Virus.Virut.Win32.14
Sangfor: Worm.Win32-Script.Save.Nimda
Alibaba: Virus:Win32/Runouce.3ed7
K7GW: Virus ( 7000000b1 )
K7AntiVirus: Virus ( 7000000b1 )
Arcabit: Win32.Virtob.4.Gen
BitDefenderTheta: AI:FileInfector.64FF27A612
VirIT: Win32.Chir.B
Symantec: W32.Virut.U
ESET-NOD32: Win32/Virut.BA
APEX: Malicious
TrendMicro-HouseCall: PE_VIRUT.XP-4
Paloalto: generic.ml
ClamAV: Win.Trojan.Virut-102
Kaspersky: Virus.Win32.Virut.q
BitDefender: Win32.Virtob.4.Gen
NANO-Antivirus: Virus.Win32.Virut.jxol
Avast: Win32:Crypt-RPY [Trj]
Tencent: Worm.Win32.Runouce.d
Emsisoft: Win32.Virtob.4.Gen (B)
F-Secure: Malware.W32/Chir.B
Baidu: Win32.Virus.Virut.i
VIPRE: Win32.Virtob.4.Gen
TrendMicro: PE_VIRUT.XP-4
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.a7becec6651a6b0f
Sophos: W32/Vetor-A
SentinelOne: Static AI – Malicious PE
Jiangmin: Backdoor/Agent.bgb
Google: Detected
Avira: W32/Chir.B
Varist: W32/Virut.D.gen!Eldorado
Antiy-AVL: Virus/Win32.Virut.q
Kingsoft: Win32.Virut.ce.57344
Xcitium: Virus.Win32.Virut.q@1fhkey
Microsoft: Virus:Win32/Virut.K
ViRobot: Win32.Virut.Gen.B
ZoneAlarm: Virus.Win32.Virut.q
GData: Win32.Worm.Runouce.D
Cynet: Malicious (score: 100)
AhnLab-V3: Win32/Virut.D
Acronis: suspicious
VBA32: Virus.Virut.07
ALYac: Win32.Virtob.4.Gen
MAX: malware (ai score=100)
Cylance: unsafe
Panda: W32/Virutas.gen
Zoner: Probably Heur.ExeHeaderL
Rising: Virus.Virut!1.A08C (CLASSIC)
Yandex: Win32.Virut.Gen.5
Ikarus: Virus.Win32.Virut
MaxSecure: Virus.Virut.Gen
Fortinet: W32/Virut.fam
AVG: Win32:Crypt-RPY [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Virus:Win/Chir.A

How to remove Win32.Virtob.4.Gen?

Win32.Virtob.4.Gen removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.