PUA

TNT! enFoRcEr (PUA) removal guide

Malware Removal

The TNT! enFoRcEr (PUA) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What TNT! enFoRcEr (PUA) virus can do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to determine TNT! enFoRcEr (PUA)?



File Info:

name: 32F0372CA65F1394BDE1.mlw
path: /opt/CAPEv2/storage/binaries/29845e035bb881657cec4785817fe8f9dd1d51a13ac60cb911a76aaa2de5bd61
crc32: 9AC476CA
md5: 32f0372ca65f1394bde12f50d5c728d0
sha1: 7cbd2164a67f81d7a1f33e70275648cc3e251d05
sha256: 29845e035bb881657cec4785817fe8f9dd1d51a13ac60cb911a76aaa2de5bd61
sha512: 44738de4cd741958b87feaa0503fd8ecd442173a336bc458fb345254cf26e6afd4338ed6236af49379d3aeeb4992f9b2508506ee2192656290590774fee017f0
ssdeep: 6144:3AQob1/nFSNTokLBK//OeaweHC27Z9n7py:3AQoR/n45hLBKFHy1y
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10274020EF3AF8D14D7C200744B11961ABE50EB72F8936682FA7DC71EDBC76255B0294A
sha3_384: 60536dce1c5c07464a764f140716fec7d0637bd5989829e7493f173c700f1b87f75b6ed888e8fd228d1cf0d89946540e
ep_bytes: 60be00f043008dbe0020fcffc787d433
timestamp: 1992-06-19 22:22:17


Version Info:

0: [No Data]

TNT! enFoRcEr (PUA) also known as:

BkavW32.AIDetectMalware
LionicHacktool.Win32.ArchSMS.lntD
FireEyeGeneric.mg.32f0372ca65f1394
SangforSuspicious.Win32.Save.a
AlibabaTrojan:Win32/WrongInf.2fcd29f1
Elasticmalicious (high confidence)
APEXMalicious
Paloaltogeneric.ml
CynetMalicious (score: 100)
AvastWin32:WrongInf-E [Susp]
SophosTNT! enFoRcEr (PUA)
F-SecureHeuristic.HEUR/AGEN.1324201
McAfee-GW-EditionBehavesLike.Win32.Infected.ft
AviraHEUR/AGEN.1324201
Antiy-AVLWorm/Win32.AutoRun
MicrosoftTrojan:Win32/Wacatac.B!ml
GoogleDetected
BitDefenderThetaAI:Packer.B053163421
IkarusTrojan.Agent
AVGWin32:WrongInf-E [Susp]
DeepInstinctMALICIOUS
CrowdStrikewin/malicious_confidence_90% (W)

How to remove TNT! enFoRcEr (PUA)?

TNT! enFoRcEr (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment