Win32/AutoRun.VB.AMZ removal instruction

The Win32/AutoRun.VB.AMZ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/AutoRun.VB.AMZ virus can do?

Executable code extraction
A process attempted to delay the analysis task.
A process created a hidden window
Creates an autorun.inf file
Installs itself for autorun at Windows startup
Creates a hidden or system file
Network activity detected but not expressed in API logs
Anomalous binary characteristics
Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Win32/AutoRun.VB.AMZ?


File Info:
crc32: D1AA36FB
md5: 8d4e5405ae19dbb8974372268a8603f4
name: 8D4E5405AE19DBB8974372268A8603F4.mlw
sha1: a2855550498ab126ab20349a72dbc7361a9831e8
sha256: d5847ee90f94d514ea3b222427a1f202ba8a59c1a4093b897b4b53ad0b0bd8b4
sha512: f48fe5ed648bc668ac8fa5a620a1f2a199b9593d50cf7c86f7b2e4a7d40a2308593bc39210552c38bfec2f3fe7b4888261611422b83b5a624f3c5531fc742724
ssdeep: 6144:U2oZqAYTSE0CzjeNH0LCZhwcU8oa7bN4iAdyk2xoexGET1vWy2U:UX0eZhJ9H7bSbMkWoexGO1
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0409 0x04b0
LegalCopyrix167ht: MicrOsoft Wx16frd Documx2065nt                    x220                               0                                        x2020           0                                               `    0     xa0                                                  0                         x2020  
InternalName: Ms Word
FileVersion: 1.00
CompanyName: Microsoft xa9 Corporation                                                                                                                                                                                                                                                                                                            x420               x220       x120    x120                   x220             x221 
Legax406cTrademarks: Micbosoft Word Document                                              x1020              
Comments: Microsoft Word Document                                                                                                                                                                                                                                                           
ProductName: Microsoft Word Document                                                                                                                                                                                                                                        
ProductVersion: 1.00
FileDesx163ription: Microsoft x157orx864 Document              x220 "           x120      x4020  ! x220                 x420   x1020         (  x420                    x1020     x820    
OriginalFilename: Ms Word.exe

Win32/AutoRun.VB.AMZ also known as:

Bkav	W32.AIDetectVM.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Trojan.Heur.Gu1@sfuiaYfif
FireEye	Generic.mg.8d4e5405ae19dbb8
CAT-QuickHeal	Trojan.Comame.AZ3
ALYac	Gen:Trojan.Heur.Gu1@sfuiaYfif
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Trojan.Win32.Swisyn.kZb9
Sangfor	Malware
CrowdStrike	win/malicious_confidence_100% (D)
BitDefender	Gen:Trojan.Heur.Gu1@sfuiaYfif
K7GW	P2PWorm ( 004d2e201 )
K7AntiVirus	P2PWorm ( 004d2e201 )
BitDefenderTheta	AI:Packer.BF4B0FB11D
Symantec	W32.SillyFDC
ESET-NOD32	Win32/AutoRun.VB.AMZ
Baidu	Win32.Worm.AutoRun.bi
TrendMicro-HouseCall	TROJ_SWISYN_000006c.TOMA
Avast	Win32:Patched-AFR [Trj]
ClamAV	Win.Dropper.Swisyn-6832473-0
Kaspersky	Trojan.Win32.Swisyn.bvpz
Alibaba	Trojan:Win32/udisk.ali1000021
NANO-Antivirus	Trojan.Win32.Swisyn.wghai
Rising	Worm.Autorun!1.99ED (CLOUD)
Ad-Aware	Gen:Trojan.Heur.Gu1@sfuiaYfif
Sophos	Mal/Generic-S
Comodo	Worm.Win32.VB.amz@4s3j97
F-Secure	Trojan.TR/Patched.Ren.Gen
DrWeb	Trojan.DownLoader5.17157
Zillya	Trojan.Swisyn.Win32.29672
TrendMicro	TROJ_SWISYN_000006c.TOMA
McAfee-GW-Edition	BehavesLike.Win32.Generic.ht
Emsisoft	Gen:Trojan.Heur.Gu1@sfuiaYfif (B)
Ikarus	Trojan.Win32.Swisyn
Jiangmin	Win32/Virut.bv
Avira	TR/Patched.Ren.Gen
MAX	malware (ai score=100)
Antiy-AVL	Trojan/Win32.Swisyn.bvpz
Microsoft	Trojan:Win32/Dorv.A
Arcabit	Trojan.Heur.ED12130
AhnLab-V3	Packed/Win32.Krap.C70378
ZoneAlarm	Trojan.Win32.Swisyn.bvpz
GData	Gen:Trojan.Heur.Gu1@sfuiaYfif
Cynet	Malicious (score: 100)
TotalDefense	Win32/VB.LERZPSD
Acronis	suspicious
McAfee	W32/Worm-FDN!8D4E5405AE19
VBA32	TScope.Trojan.VB
Malwarebytes	Nimnul.Virus.FileInfector.DDS
Panda	Generic Malware
APEX	Malicious
Tencent	Virus.Win32.Virut.ua
Yandex	Trojan.GenAsa!XgCKClU0Fi8
SentinelOne	Static AI – Malicious PE – Worm
MaxSecure	Virus.Virut.CE
Fortinet	W32/VB.AMZ!tr
AVG	Win32:Patched-AFR [Trj]
Cybereason	malicious.5ae19d
Paloalto	generic.ml
Qihoo-360	Malware.Radar01.Gen

How to remove Win32/AutoRun.VB.AMZ?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Win32/AutoRun.VB.AMZ removal instruction