I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
KRNLN.FNR – Trojan Lineage removal
| File | MD5 | Virus Alias |
|---|---|---|
| KRNLN.FNR | 4b30dbe1a79b2b7572ff637cb3765ced | Trojan Lineage |
| KRNLN.FNR | 4b30dbe1a79b2b7572ff637cb3765ced | Trojan Generic |
KRNLN.FNR size: 1089536 bytes
KRNLN.FNR hash: 4B30DBE1A79B2B7572FF637CB3765CED
Created files:
%Temporary Internet Files%\Content.IE5\1HVEIEYW\background_gradient[1]
%Temporary Internet Files%\Content.IE5\1HVEIEYW\dnserrordiagoff_webOC[1]
%Temporary Internet Files%\Content.IE5\8OZFYSFM\ErrorPageTemplate[1]
%Temporary Internet Files%\Content.IE5\8OZFYSFM\info_48[1]
%Temporary Internet Files%\Content.IE5\9ZXDM8KN\httpErrorPagesScripts[1]
%Temporary Internet Files%\Content.IE5\M3TXLF4P\bullet[1]
%Temporary Internet Files%\Content.IE5\M3TXLF4P\errorPageStrings[1]
%TEMP%\E_N4\iext.fnr
%TEMP%\E_N4\krnln.fnr
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\ialdnwxf\Type: 01000000
HKLM\System\CurrentControlSet\Services\ialdnwxf\Start: 03000000
HKLM\System\CurrentControlSet\Services\ialdnwxf\DisplayName: ialdnwxf
HKLM\System\CurrentControlSet\Services\ialdnwxf\ImagePath: \superec.ProcessMemory.sys
Detected by UnHackMe:
KRNLN.FNR
Default location: %TEMP%\E_N4\KRNLN.FNR
Dropper information:
MD5: 10cd3ef2440d08e54e4e99f0e52b2d97
File size: 834540 bytes