Solved! Use NEGERI SERUMPUN SEBALAI .PIF .BAT .COM .SCR .EXE (Trojan Banload) Removal Guide

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

NEGERI SERUMPUN SEBALAI .PIF .BAT .COM .SCR .EXE – Trojan Banload removal

File MD5 Virus Alias
NEGERI SERUMPUN SEBALAI .PIF .BAT .COM .SCR .EXE 424d3d1528c8e83e466ffad0146ebf2b Trojan Banload
NEGERI SERUMPUN SEBALAI .PIF .BAT .COM .SCR .EXE 424d3d1528c8e83e466ffad0146ebf2b Trojan Generic
NEGERI SERUMPUN SEBALAI .PIF .BAT .COM .SCR .EXE 424d3d1528c8e83e466ffad0146ebf2b Trojan Downloader
NEGERI SERUMPUN SEBALAI .PIF .BAT .COM .SCR .EXE 424d3d1528c8e83e466ffad0146ebf2b Trojan Agent
NEGERI SERUMPUN SEBALAI .PIF .BAT .COM .SCR .EXE 424d3d1528c8e83e466ffad0146ebf2b Trojan Banker

NEGERI SERUMPUN SEBALAI .PIF .BAT .COM .SCR .EXE size: 1550319 bytes
NEGERI SERUMPUN SEBALAI .PIF .BAT .COM .SCR .EXE hash: 424D3D1528C8E83E466FFAD0146EBF2B

Created files:

C:\Folder.htt
C:\Mr_CF.pif
C:\Mr_CoolFace.scr
%WinDir%\Negeri Serumpun Sebalai .pif .bat .com .scr .exe
%SysDir%\t.exe
%AppData%\explorer.exe
%AppData%\Mr_CF\Folder.htt
%AppData%\Mr_CoolFace.exe
%Desktop%\Message For My Princess.scr
%UserProfile%\Local Settings\DNALSI_AKGNAB.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\k: t.exekssh
HKCU\Control Panel\Desktop\SCRNSAVE.EXE: MR_COO~1.SCR

Detected by UnHackMe:

NEGERI SERUMPUN SEBALAI .PIF .BAT .COM .SCR .EXE
Default location: %WinDir%\NEGERI SERUMPUN SEBALAI .PIF .BAT .COM .SCR .EXE

Dropper information:
MD5: 424d3d1528c8e83e466ffad0146ebf2b
File size: 1550319 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images