Worm:Win32/Enosch!pz removal instructions

Worm:Win32/Enosch!pz is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm:Win32/Enosch!pz virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • HTTPS URLs from behavior
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • CAPE detected the FloodFix malware family
  • Attempts to modify proxy settings
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Worm:Win32/Enosch!pz?


File Info:

name: 7119694150C12B8471AB.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2011-05-03 16:57:29

Version Info:

0: [No Data]

Worm:Win32/Enosch!pz also known as:

Bkav: W32.FloxitNV.PE
Lionic: Virus.Win32.Virut.mCAF
DrWeb: Trojan.DownLoader5.50084
MicroWorld-eScan: Trojan.Dropper.UYL
FireEye: Generic.mg.7119694150c12b84
CAT-QuickHeal: W32.Pioneer.CZ1
Skyhigh: BehavesLike.Win32.Sality.th
McAfee: Generic Obfuscated.g
Cylance: unsafe
VIPRE: Trojan.Dropper.UYL
Sangfor: Virus.Win32.Save.Floxif
K7AntiVirus: Trojan ( 0030c2e21 )
Alibaba: Virus:Win32/Floxif.gen1
K7GW: Password-Stealer ( 0030c2e21 )
Cybereason: malicious.150c12
BitDefenderTheta: AI:FileInfector.207622A70E
VirIT: Win32.FloodFix.A
Symantec: W32.SillyFDC
Elastic: Windows.Virus.Floxif
ESET-NOD32: Win32/Floxif.H
APEX: Malicious
TrendMicro-HouseCall: PE_FLOXIF.D
ClamAV: Win.Virus.Pioneer-9111434-0
Kaspersky: Virus.Win32.Pioneer.cz
BitDefender: Trojan.Dropper.UYL
NANO-Antivirus: Virus.Win32.Pioneer.bvrqhu
SUPERAntiSpyware: Trojan.Agent/Gen-FolderCon
Avast: Win32:Agent-ASTI [Trj]
Tencent: Trojan.Win32.Dropper.abl
Emsisoft: Trojan.Dropper.UYL (B)
F-Secure: Trojan.TR/ATRAPS.Gen
Baidu: Win32.Virus.Floxif.a
Zillya: Virus.Floxif.Win32.1
TrendMicro: PE_FLOXIF.D
Trapmine: malicious.high.ml.score
Sophos: W32/Floxif-C
Ikarus: Worm.Win32.Enosch
GData: Win32.Trojan-Spy.DataStealer.D066U3
Jiangmin: Win32/Pioneer.l
Google: Detected
Avira: TR/ATRAPS.Gen
Varist: W32/Floxif.B
Antiy-AVL: Virus/Win32.Pioneer.cz
Kingsoft: Win32.Pioneer.CZ.2433
Xcitium: Virus.Win32.Floxif.A@7h5wha
Arcabit: Trojan.Dropper.UYL
ZoneAlarm: Virus.Win32.Pioneer.cz
Microsoft: Worm:Win32/Enosch!pz
Cynet: Malicious (score: 100)
AhnLab-V3: HEUR/Fakon.mwf.X1352
VBA32: Virus.Win32.Floxif.h
ALYac: Trojan.Dropper.UYL
MAX: malware (ai score=82)
Malwarebytes: Floxif.Virus.FileInfector.DDS
Panda: W32/Floxif.A
Zoner: Trojan.Win32.12613
Rising: Virus.Floxif!1.9BE6 (CLASSIC)
Yandex: Trojan.GenAsa!uMTwPhbSHs4
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Scar.OICH
Fortinet: W32/DataStealer.B!tr
AVG: Win32:Agent-ASTI [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)
alibabacloud: Worm:Win/Datastealer.2db719e1

How to remove Worm:Win32/Enosch!pz?

Worm:Win32/Enosch!pz removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
