What is “Worm.Generic.42104”?

Worm.Generic.42104 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm.Generic.42104 virus do?

  • Creates RWX memory
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Checks for the presence of known windows from debuggers and forensic tools
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Worm.Generic.42104?


File Info:

crc32: 0012BB66
md5: ed922ef6c1df6df6e66a5ec8c714b9ff
name: ED922EF6C1DF6DF6E66A5EC8C714B9FF.mlw
sha1: 10178bcc01344f22a64a1f403e19ff7226d533cc
sha256: 8fa2bd422da156e645a4b61f0b71857c6f698f24d845925e2503c4085f848320
sha512: 1d08caec3aa9940905c8188baba54240843272e3aedd27e6fdbf6328a97429777fa3f32e3cabced0df63854bf4f1dfaba2eb0afa15902e810e17b7e94c2a4d76
ssdeep: 24576:mK2SrD8OCGdvF6WhsPEgaCSKc7/3P+lmC:mK2SzlDWEnC3A/m0C
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2002-2005, Linasoft. All Right Reserved.
InternalName: AutoPlay Menu Loader
FileVersion: 4.3.0.288
CompanyName: Linasoft
LegalTrademarks: AutoPlay Menu Loader
Comments: AutoPlay Menu Loader
ProductName: AutoPlay Menu Loader
ProductVersion: 4.3
FileDescription: AutoPlay Menu Loader
OriginalFilename: autorun.exe
Translation: 0x0409 0x04e4

Worm.Generic.42104 also known as:

Lionic             Worm.Win32.Generic.o!c
CMC                Generic.Win32.ed922ef6c1!CMCRadar
ALYac              Worm.Generic.42104
Cylance            Unsafe
Symantec           ML.Attribute.HighConfidence
APEX               Malicious
Avast              Win32:Malware-gen
BitDefender        Worm.Generic.42104
MicroWorld-eScan   Worm.Generic.42104
Ad-Aware           Worm.Generic.42104
Comodo             TrojWare.Win32.P2P-Worm.Bacteraloh.~BAAA@1j79b
VIPRE              Trojan.Win32.Generic!BT
McAfee-GW-Edition  BehavesLike.Win32.Virus.th
FireEye            Worm.Generic.42104
Emsisoft           Worm.Generic.42104 (B)
Microsoft          Trojan:Win32/Wacatac.B!ml
Arcabit            Worm.Generic.DA478
GData              Worm.Generic.42104
McAfee             Artemis!ED922EF6C1DF
MAX                malware (ai score=100)
Panda              Trj/CI.A
MaxSecure          Trojan.Malware.9655.susgen
Fortinet           W32/Bacteraloh.AC!worm.p2p
AVG                Win32:Malware-gen
Paloalto           generic.ml

How to remove Worm.Generic.42104?

Worm.Generic.42104 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
