Worm

What is “Worm.AutoRun.FW”?

Malware Removal

The Worm.AutoRun.FW is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Worm.AutoRun.FW virus can do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to determine Worm.AutoRun.FW?



File Info:

name: E4C970FD3B9E2A1D96B8.mlw
path: /opt/CAPEv2/storage/binaries/14fd2c5cf0414f3be5e49a996947b040710256711ac05218b629ede5d9dfce27
crc32: 6948F03E
md5: e4c970fd3b9e2a1d96b8865af808c689
sha1: 50a974a1af4bcaf9756795424b288c841ab15210
sha256: 14fd2c5cf0414f3be5e49a996947b040710256711ac05218b629ede5d9dfce27
sha512: e3a18b0597532a167aa750d8201ca6fb8f9d4c7391c4b3e8b1437a85d77ca2d0ec9925dc2ab70e9de1bfd7d580cce742302223d62016606f8675753d0dd707eb
ssdeep: 3072:Re6/Xey/inrM5XIYwEfdrvr2JNZlUbX8PKCB3pV/cQYTFobXiCB3axXfxeS:nZinr8XIY9oNf0sPK6FY0i9h
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T163646DC2F345D588FCAB0431403BDE981A06FE25B9812A263BD5BB5FDE73181A57781B
sha3_384: f8b35f253ceb4e80a3a66db22ecc34619d79ddffdbd88ce17814b6c6907b9ecb6341bb6b10a50afb9bf97049b5c1a901
ep_bytes: c3909090909090909090909090909090
timestamp: 2007-03-03 10:01:51


Version Info:

0: [No Data]

Worm.AutoRun.FW also known as:

LionicTrojan.Win32.Generic.4!c
Elasticmalicious (moderate confidence)
FireEyeGeneric.mg.e4c970fd3b9e2a1d
CylanceUnsafe
SangforTrojan.Win32.Agent.Vxcw
CrowdStrikewin/malicious_confidence_90% (W)
CyrenW32/S-820eb73a!Eldorado
SymantecML.Attribute.HighConfidence
APEXMalicious
Paloaltogeneric.ml
CynetMalicious (score: 99)
SUPERAntiSpywareTrojan.Agent/Gen-FakeAV
AvastWin32:Evo-gen [Trj]
F-SecureTrojan.TR/Crypt.CFI.Gen
SophosGeneric PUA FA (PUA)
IkarusVirus.Win32.Virut
GDataWin32.Trojan.Agent.WSCNZF
AviraTR/Crypt.CFI.Gen
ViRobotTrojan.Win32.Z.Wacapew.315392.A
MicrosoftTrojan:Win32/Wacatac.B!ml
GoogleDetected
MalwarebytesWorm.AutoRun.FW
TrendMicro-HouseCallTROJ_GEN.R002H0CIO22
RisingTrojan.Generic@AI.100 (RDML:ZIpVI6OeoUEwl8pXKqSjSQ)
YandexTrojan.Genome!e5G2Nqfjw3I
SentinelOneStatic AI – Malicious PE
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/PossibleThreat
BitDefenderThetaGen:NN.ZexaF.34682.tmW@aWmK24gi
AVGWin32:Evo-gen [Trj]
Cybereasonmalicious.d3b9e2

How to remove Worm.AutoRun.FW?

Worm.AutoRun.FW removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment