Worm

Win32.Worm.Autorun.VX removal tips

Malware Removal

The Win32.Worm.Autorun.VX is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What Win32.Worm.Autorun.VX virus can do?

  • Creates RWX memory
  • A process created a hidden window
  • Drops a binary and executes it
  • Unconventionial language used in binary resources: Portuguese (Brazilian)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent file extensions from being displayed
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Uses suspicious command line tools or Windows utilities

How to determine Win32.Worm.Autorun.VX?


File Info:

crc32: BDF42292
md5: 8c10162602c7126b5b9929bba0a5d860
name: 8C10162602C7126B5B9929BBA0A5D860.mlw
sha1: ec8a296e64ea3ca6dc0c54f921d204b9c4019290
sha256: 89dbdd11aa6e5aee7493042a1298c128d433a96037d17f8a9c3df1fbcc0fd9d3
sha512: 39c4f9f62b8a9e6b91f925c0be28f9d78cc57b99b718eb98aee4c90d4b088214c33b83c4a5d4bde2ad91d7b159adf3f8cfd1caf49662c644aaee7d4bf354f886
ssdeep: 3072:cXKtBTMhG/dryHOSIXW9rTsZEV1vyyvBAm0w0MoqT/r+fF6Q4ya++LbAK:cXSBT9VUOqVTaU1qw50ldwQk
type: MS-DOS executable, MZ for MS-DOS

Version Info:

0: [No Data]

Win32.Worm.Autorun.VX also known as:

BkavW32.AIDetect.malware2
K7AntiVirusTrojan ( 0016e12c1 )
Elasticmalicious (high confidence)
DrWebWin32.HLLW.Autoruner.57682
ClamAVWin.Trojan.Cosmu-268
CAT-QuickHealTrojan.Cosmu.16395
McAfeeGenericRXAA-AA!8C10162602C7
CylanceUnsafe
ZillyaWorm.Blocker.Win32.1
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_90% (W)
K7GWTrojan ( 0016e12c1 )
Cybereasonmalicious.602c71
BaiduWin32.Worm.Delf.ca
CyrenW32/Cosmu.KVSE-8775
SymantecW32.SillyFDC
ESET-NOD32Win32/AutoRun.Delf.HF
APEXMalicious
AvastWin32:Trojan-gen
CynetMalicious (score: 100)
KasperskyTrojan-Ransom.Win32.Blocker.iwkz
BitDefenderWin32.Worm.Autorun.VX
NANO-AntivirusTrojan.Win32.Cosmu.bavxrk
ViRobotTrojan.Win32.A.Cosmu.212480[UPX]
MicroWorld-eScanWin32.Worm.Autorun.VX
TencentMalware.Win32.Gencirc.10b4d96b
Ad-AwareWin32.Worm.Autorun.VX
SophosMal/Generic-R + W32/AutoRun-BZI
ComodoTrojWare.Win32.Cosmu.KCA@3hhp8i
BitDefenderThetaAI:Packer.7F9635E61D
VIPRETrojan.Win32.Cosmu.xxs (v)
TrendMicroMal_OtorunO
McAfee-GW-EditionGeneric PWS.tp
FireEyeGeneric.mg.8c10162602c7126b
EmsisoftWin32.Worm.Autorun.VX (B)
SentinelOneStatic AI – Malicious PE
JiangminTrojan/Cosmu.gje
AviraWORM/Nenebra.A
Antiy-AVLTrojan/Generic.ASMalwS.DC3
MicrosoftWorm:Win32/Nenebra.A
SUPERAntiSpywareWorm.AutoRun/Variant
ZoneAlarmTrojan-Ransom.Win32.Blocker.iwkz
GDataWin32.Worm.Autorun.VX
AhnLab-V3Trojan/Win32.Agent.C65479
VBA32BScope.TrojanRansom.Blocker
MAXmalware (ai score=88)
MalwarebytesWorm.AutoRun
PandaW32/Autorun.JYX
TrendMicro-HouseCallMal_OtorunO
RisingMalware.FakeFolder/ICON!1.6AA9 (CLASSIC)
YandexTrojan.GenAsa!U4ZEWPpfgSA
IkarusTrojan-Downloader.Win32.Banload
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/Cosmu.XXS!tr
AVGWin32:Trojan-gen

How to remove Win32.Worm.Autorun.VX?

Win32.Worm.Autorun.VX removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment