Solved! Use NOSKRNL.EXE (Trojan Downloader) Removal Guide

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

NOSKRNL.EXE – Trojan Downloader removal

FileMD5Virus Alias
NOSKRNL.EXE d676a12b0822cf580b9d40304de1969c Trojan Downloader
NOSKRNL.EXE d676a12b0822cf580b9d40304de1969c Trojan XPACK
NOSKRNL.EXE d676a12b0822cf580b9d40304de1969c Trojan Crypt

NOSKRNL.EXE size: 124266 bytes
NOSKRNL.EXE hash: D676A12B0822CF580B9D40304DE1969C

Created files:

%WinDir%\noskrnl.exe
%SysDir%\noskrnl.sys
%Temp%\ff34ff45

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\noskrnl.sys\Type: 01000000
HKLM\System\CurrentControlSet\Services\noskrnl.sys\Start: 03000000
HKLM\System\CurrentControlSet\Services\noskrnl.sys\DisplayName: noskrnl.sys
HKLM\System\CurrentControlSet\Services\noskrnl.sys\ImagePath: %WinDir%\System32\noskrnl.sys
HKLM\System\CurrentControlSet\Services\W32Time\Parameters\NtpServer: time.windows.com,time.nist.gov
HKLM\System\CurrentControlSet\Services\W32Time\Parameters\Type: NTP
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\noskrnl: %WinDir%\noskrnl.exe

Detected by UnHackMe:

NOSKRNL.EXE
Default location: %WinDir%\NOSKRNL.EXE

Dropper information:
MD5: d676a12b0822cf580b9d40304de1969c
File size: 124266 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images