About “Worm:Win32/Autorun!BS” infection

Many security experts consider Worm:Win32/Autorun!BS dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Worm:Win32/Autorun!BS virus do?

  • Performs some HTTP requests
  • A process attempted to delay the analysis task by a long amount of time.
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Creates a slightly modified copy of itself
  • Anomalous binary characteristics

Related domains:

hq-pharma.org

How to identify Worm:Win32/Autorun!BS?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Worm:Win32/Autorun!BS also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Downloader.Small.AAKR
FireEye: Generic.mg.99ebda381fe41c23
CAT-QuickHeal: Trojan.Mauvaise.SL1
ALYac: Trojan.Downloader.Small.AAKR
Malwarebytes: Generic.Worm.Autorun.DDS
VIPRE: Worm.Win32.Socks.bt (fs)
Sangfor: Malware
K7AntiVirus: Trojan-Downloader ( 0056ccdc1 )
BitDefender: Trojan.Downloader.Small.AAKR
K7GW: Trojan-Downloader ( 0056ccdc1 )
CrowdStrike: win/malicious_confidence_100% (D)
BitDefenderTheta: AI:Packer.16F46F321B
Cyren: W32/Socks.A.gen!Eldorado
Symantec: W32.Mandaph
ESET-NOD32: Win32/TrojanDownloader.Small.OCE
Baidu: Win32.Trojan-Downloader.Agent.au
APEX: Malicious
Avast: Win32:Injecter-AT [Trj]
ClamAV: Win.Worm.Socks-9
Kaspersky: Trojan-Downloader.Win32.Agent.kiz
NANO-Antivirus: Trojan.Win32.Agent.dabszn
ViRobot: Trojan.Win32.Downloader.294623
Rising: Worm.Autorun!8.50 (TFE:dGZlOgVOcCd2ih4ggg)
Ad-Aware: Trojan.Downloader.Small.AAKR
Sophos: ML/PE-A + Mal/Koceg-A
Comodo: TrojWare.Win32.TrojanDownloader.Small.OCE@dd2e
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: BackDoor.FireOn.5
Zillya: Downloader.Agent.Win32.42350
TrendMicro: BKDR_SMALL.JAN
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.tc
Emsisoft: Trojan.Downloader.Small.AAKR (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanDownloader.Agent.tsd
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan[Downloader]/Win32.Agent
Microsoft: Worm:Win32/Autorun.gen!BS
Arcabit: Trojan.Downloader.Small.AAKR
AhnLab-V3: Trojan/Win32.Agent.R122920
ZoneAlarm: Trojan-Downloader.Win32.Agent.kiz
GData: Trojan.Downloader.Small.AAKR
Cynet: Malicious (score: 100)
TotalDefense: Win32/Korced!generic
Acronis: suspicious
McAfee: BackDoor-DRW
TACHYON: Trojan-Downloader/W32.ZBot.Zen
VBA32: BScope.Trojan.Click
Panda: W32/Socks.A.worm
TrendMicro-HouseCall: BKDR_SMALL.JAN
Tencent: Malware.Win32.Gencirc.10b07944
Yandex: Trojan.GenAsa!w57yFDP7Hyw
MAX: malware (ai score=83)
eGambit: Unsafe.AI_Score_98%
Fortinet: W32/Socks.NAL!tr
AVG: Win32:Injecter-AT [Trj]
Cybereason: malicious.81fe41
Paloalto: generic.ml
Qihoo-360: HEUR/QVM07.1.0A87.Malware.Gen

How to remove Worm:Win32/Autorun!BS?

Worm:Win32/Autorun!BS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
