Should I remove “Win32/Filecoder.Autoit.H”?

Win32/Filecoder.Autoit.H is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Filecoder.Autoit.H virus do?

  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Deletes its original binary from disk
  • Attempts to restart the guest VM
  • Creates a copy of itself

How to identify Win32/Filecoder.Autoit.H?


File Info:

crc32: 5200F1DC
md5: e0340f456f76993fc047bc715dfdae6a
name: E0340F456F76993FC047BC715DFDAE6A.mlw
sha1: d47f6f7e553c4bc44a2fe88c2054de901390b2d7
sha256: 1001a8c7f33185217e6e1bdbb8dba9780d475da944684fb4bf1fc04809525887
sha512: cac10c675d81630eefca49b2ac4cc83f3eb29115ee28a560db4d6c33f70bf24980e48bb48ce20375349736e3e6b23a1ca504b9367917328853fffc5539626bbc
ssdeep: 24576:/4GHnhIzOasqUgEOr69/BRH7dCibu+XoAX0eOTva49ttrSpt81ekHPyWe:AshdasJgEOrGBRxCihH7OO49rveMG
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: None
ProductVersion: 3.3.14.2
FileVersion: 1.0.0.0
Comments: None
FileDescription: None
Translation: 0x0409 0x04b0

Win32/Filecoder.Autoit.H is also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 700000111 )
DrWeb: Trojan.MulDrop7.41556
Cynet: Malicious (score: 100)
Cylance: Unsafe
Zillya: Trojan.GenericKD.Win32.78503
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (W)
Alibaba: Ransom:Win32/KillMBR.8e336f81
K7GW: Trojan ( 700000111 )
Cybereason: malicious.56f769
Symantec: Ransom.Redboot
ESET-NOD32: Win32/Filecoder.Autoit.H
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Dropper.Autit-8177147-0
Kaspersky: Trojan.Win32.KillMBR.gff
BitDefender: Trojan.GenericKD.6010862
NANO-Antivirus: Trojan.Win32.GenericKD.eszujj
ViRobot: Trojan.Win32.S.Ransom.1246725
MicroWorld-eScan: Trojan.GenericKD.6010862
Tencent: Malware.Win32.Gencirc.11496bd2
Ad-Aware: Trojan.GenericKD.6010862
Sophos: ML/PE-A + Mal/Autoit-AE
Comodo: Malware@#3f8wd4aintyee
F-Secure: Dropper.DR/Autoit.zbqnm
BitDefenderTheta: Gen:NN.ZexaF.34670.s8Z@amxnGMd
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_REDBOOT.A
McAfee-GW-Edition: BehavesLike.Win32.TrojanAitInject.tc
FireEye: Generic.mg.e0340f456f76993f
Emsisoft: Trojan.GenericKD.6010862 (B)
Webroot: W32.Trojan.GenKD
Avira: DR/Autoit.zbqnm
eGambit: Unsafe.AI_Score_86%
Antiy-AVL: Trojan/Win32.Mbrmodifier
Kingsoft: Win32.Troj.Killmbr.ac.(kcloud)
Microsoft: Ransom:Win32/Genasom
Arcabit: Trojan.Generic.D5BB7EE
AegisLab: Trojan.Win32.KillMBR.4!c
ZoneAlarm: Trojan.Win32.KillMBR.gff
GData: Boot.Trojan-Ransom.Redboot.A
TACHYON: Trojan/W32.KillMBR.1723397
AhnLab-V3: Trojan/Win32.Ransom.C2162290
McAfee: Generic Trojan.ei
MAX: malware (ai score=100)
VBA32: Trojan.KillMBR
Malwarebytes: Malware.Heuristic.1003
Panda: Trj/CI.A
TrendMicro-HouseCall: Ransom_REDBOOT.A
Rising: Ransom.Agent!8.6B7 (CLOUD)
Ikarus: Trojan.Win32.Autoit
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Filecoder.H!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.KillMBR.HgIASOUA

How to remove Win32/Filecoder.Autoit.H?

Win32/Filecoder.Autoit.H removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.