Generik.FOYRMH removal tips

Generik.FOYRMH is considered dangerous by many security vendors. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Generik.FOYRMH virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Generik.FOYRMH?

File Info:

name: 3665466D67D2A25CFA1F.mlw
path: /opt/CAPEv2/storage/binaries/a90db2156e57ae8e975c0e5537c74a25a841e189968a910d28e7b6d2267eb12c
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: ff250020400000000000000000000000
timestamp: 2061-08-06 18:13:47 (a compile timestamp decades in the future, which is what the "timestomping" signature above refers to; note that .NET assemblies built with deterministic compilation carry a hash-derived value in this PE field rather than a real build time, so on its own this is weak evidence)

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: esa
FileVersion: 1.0.0.0
InternalName: esa.exe
LegalCopyright: Copyright © 2022
LegalTrademarks:
OriginalFilename: esa.exe
ProductName: esa
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Generik.FOYRMH also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.38873312
ALYac: Trojan.GenericKD.38873312
Cylance: Unsafe
Cybereason: malicious.755090
BitDefenderTheta: Gen:NN.ZemsilF.34182.Dm0@ay!KW6l
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Generik.FOYRMH
TrendMicro-HouseCall: TROJ_GEN.R002C0PB622
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.MSIL.Crypt.gen
BitDefender: Trojan.GenericKD.38873312
Avast: Win32:Trojan-gen
Sophos: Generic ML PUA (PUA)
TrendMicro: TROJ_GEN.R002C0PB622
McAfee-GW-Edition: RDN/Generic.rp
SentinelOne: Static AI – Malicious PE
FireEye: Generic.mg.3665466d67d2a25c
Emsisoft: Trojan.GenericKD.38873312 (B)
Ikarus: Trojan.SuspectCRC
Antiy-AVL: Trojan/Generic.ASMalwS.3521E62
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Trojan.GenericKD.38873312
Cynet: Malicious (score: 100)
McAfee: RDN/Generic.rp
Malwarebytes: MachineLearning/Anomalous.95%
APEX: Malicious
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:9u4xK5tuBYmf5g4Lok6LFg)
MAX: malware (ai score=80)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: PossibleThreat
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Generik.FOYRMH?

Generik.FOYRMH removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.