What is “Generik.CSMFRXP”?

The Generik.CSMFRXP is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generik.CSMFRXP virus can do?

Dynamic (imported) function loading detected
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Generik.CSMFRXP?


File Info:
name: 9136C4DBD0304923E35A.mlw
path: /opt/CAPEv2/storage/binaries/608039f7e1ddd6182ff9cc8ea07523d90aec1ed37f99d5701c1b22127e89b9c0
crc32: 2684C795
md5: 9136c4dbd0304923e35a521f174593f6
sha1: 150d321f2ab66fbfb8fa52170458ae38a285d4a5
sha256: 608039f7e1ddd6182ff9cc8ea07523d90aec1ed37f99d5701c1b22127e89b9c0
sha512: 80742cbeb9f89666392e56d7b6c9fd93750cd7dd3271c8498890f5f1fcb01d931b6dfb54e88de5e4fcf1e1cfb08c2af0e3d6eb8dbf085d29daba457ba4e9d7c6
ssdeep: 12288:suQFM3a/AWJFg4WOQCaMyZHXjBSU4BWArzPBq/clSPj0ZuzlBQ:su5yJFkOQey1TgV04HpA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BFC4120A378EEA27C13D297480E5105863B9E6573B52D38B1ED52D945AD3FF88A0EF43
sha3_384: 72afbf623c0e1bbd8dad9aa621f411c6356737fe9cc659db8c7667ae7366fdcb792fb762ecb0194682972f95e297835e
ep_bytes: ff250020400000000000000000000000
timestamp: 2017-12-20 14:25:09

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: ABB
FileDescription: Corona Auto Updater
FileVersion: 2.0.2.0
InternalName: AutoUpdater.exe
LegalCopyright: Copyright ©  2017
LegalTrademarks: 
OriginalFilename: AutoUpdater.exe
ProductName: AutoUpdater
ProductVersion: 2.0.2.0
Assembly Version: 2.0.2.0

Generik.CSMFRXP also known as:

Bkav	W32.AIDetectNet.01
Lionic	Trojan.Win32.Generic.4!c
FireEye	Generic.mg.9136c4dbd0304923
Cylance	Unsafe
Alibaba	Trojan:Application/Generic.9fd1624e
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Generik.CSMFRXP
TrendMicro-HouseCall	TROJ_GEN.R002H0CG622
Paloalto	generic.ml
Avast	Win32:Malware-gen
Comodo	Malware@#1prd7oripxu9r
McAfee-GW-Edition	BehavesLike.Win32.Fareit.hc
SentinelOne	Static AI – Suspicious PE
Trapmine	malicious.high.ml.score
Sophos	Mal/Generic-S
Ikarus	Trojan.SuspectCRC
Avira	TR/Dropper.Gen
Microsoft	Trojan:Win32/Wacatac.B!ml
McAfee	Artemis!9136C4DBD030
Malwarebytes	MachineLearning/Anomalous.95%
APEX	Malicious
Rising	Dropper.Generic!8.35E (CLOUD)
MAX	malware (ai score=97)
Fortinet	PossibleThreat
AVG	Win32:Malware-gen
Cybereason	malicious.f2ab66

How to remove Generik.CSMFRXP?

Generik.CSMFRXP removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X