Solved! Use NPF.SYS (Backdoor Bredolab) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

NPF.SYS – Backdoor Bredolab removal

FileMD5Virus Alias
NPF.SYS b9730495e0cf674680121e34bd95a73b Backdoor Bredolab

NPF.SYS size: 50704 bytes
NPF.SYS hash: B9730495E0CF674680121E34BD95A73B

Created files:

%SysDir%\drivers\npf.sys

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\AmdAgent: VirusShare_0dfa51806aca0f5622e4dc758045b46c.EXE

Detected by UnHackMe:

NPF.SYS
Default location: %SYSDIR%\DRIVERS\NPF.SYS

Dropper information:
MD5: 0dfa51806aca0f5622e4dc758045b46c
File size: 806400 bytes

Leave a Reply