Categories: Worm

Worm.Generic.439408 removal

Worm.Generic.439408 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm.Generic.439408 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Arabic (Egypt)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Checks for the presence of known devices from debuggers and forensic tools

How to determine Worm.Generic.439408?


File Info:

name: 688847EA105733F9008A.mlw
path: /opt/CAPEv2/storage/binaries/007e2025b4011b99de120cd75d6460c65a1e4f959df17e9edfbbda1217eebf8b
crc32: 19F714C0
md5: 688847ea105733f9008a0ea25fbdab4c
sha1: 9951dfa5832625d82a7e448616b766bd797f0a17
sha256: 007e2025b4011b99de120cd75d6460c65a1e4f959df17e9edfbbda1217eebf8b
sha512: 0e63473dc5ed58f62ae4a72926cb28a014085e31ce1616af7dee96fdb359721265cc346cbb3f4bade3129d66f8efd32c423f6ce980b2df3f9542f5b9f00bc7bc
ssdeep: 3072:1pWz8+SqJ38EJkTdVxIKSF1TewlQy5KqnYxriy:1pWjrp2dVx81TTmy8qnYOy
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A9E38B5ECB7360F2FBE3FEF844257315856BAE90086B504A70D928FB59BEA8C45442CD
sha3_384: 365fa6301fbf8108d1e3fa7b0c3c024f1bc983dc4f9aa921381616f4c5bd3ff7200915b03ea9889bf80ccbbb831c5784
ep_bytes: 558bec83c4f0b81c784000e828b6ffff
timestamp: 2012-12-15 02:34:53

Version Info:

InternalName: avscan
ProductName: AntiVir Desktop
CompanyName: Avira GmbH
LegalCopyright: Copyright © 2000 - 2010 Avira GmbH. All rights reserved.
ProductVersion: 10.03.00.07
FileDescription: On-Demand Scanner
LegalTrademarks: AntiVir® is a registered trademark of Avira GmbH, Germany.
FileVersion: 10.03.00.07
OriginalFilename: avscan.exe
Translation: 0x0409 0x04b0

Worm.Generic.439408 also known as:

Bkav W32.AIDetect.malware2
Lionic Trojan.Win32.Generic.4!c
MicroWorld-eScan Worm.Generic.439408
ClamAV Win.Worm.Agent-1145537
FireEye Generic.mg.688847ea105733f9
Cylance Unsafe
VIPRE Worm.Generic.439408
Sangfor Suspicious.Win32.Save.a
CrowdStrike win/malicious_confidence_100% (W)
Alibaba Worm:Win32/Dorkbot.bdaf5432
K7GW Trojan ( 7000000f1 )
K7AntiVirus Trojan ( 7000000f1 )
VirIT Trojan.Win32.Generic.BKWM
Cyren W32/A-60d79c3d!Eldorado
Symantec W32.IRCBot.NG
Elastic malicious (high confidence)
ESET-NOD32 Win32/Dorkbot.B
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan.Win32.Generic
BitDefender Worm.Generic.439408
NANO-Antivirus Trojan.Win32.Zbot.hcfub
Avast Win32:Malware-gen
Tencent Malware.Win32.Gencirc.10b3e3d1
Ad-Aware Worm.Generic.439408
Emsisoft Worm.Generic.439408 (B)
Comodo TrojWare.Win32.Kryptik.YDL@4m44uy
DrWeb Trojan.PWS.Panda.547
Zillya Trojan.Jorik.Win32.177535
TrendMicro TROJ_GEN.R002C0DFR22
McAfee-GW-Edition Artemis!Trojan
Trapmine malicious.high.ml.score
Sophos Mal/Generic-S
SentinelOne Static AI – Malicious PE
GData Worm.Generic.439408
Avira DR/Delphi.Gen7
Antiy-AVL Trojan/Generic.ASMalwS.43F
Kingsoft Win32.HeurC.KVM011.a.(kcloud)
ViRobot Backdoor.Win32.U.Ruskill.150016
Microsoft Worm:Win32/Dorkbot.A
Google Detected
AhnLab-V3 Backdoor/Win32.Ruskill.R55571
BitDefenderTheta Gen:NN.ZelphiF.34592.jO0@ae9rKaiG
ALYac Worm.Generic.439408
MAX malware (ai score=80)
VBA32 TrojanPSW.Panda
Malwarebytes Worm.DorkBot
TrendMicro-HouseCall TROJ_GEN.R002C0DFR22
Rising Trojan.Generic@AI.88 (RDML:yLI8NW3YkhddHvoR02qaFQ)
Yandex Trojan.GenAsa!6TXMv77i1UE
Ikarus Virus.Win32.Heur
MaxSecure Trojan.Malware.7164915.susgen
Fortinet W32/Generic.AC.238038!tr
AVG Win32:Malware-gen
Cybereason malicious.a10573
Panda Trj/CI.A

How to remove Worm.Generic.439408?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
