
Trojan.Heur.pmKfr4zzwAjS removal tips


Trojan.Heur.pmKfr4zzwAjS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Heur.pmKfr4zzwAjS virus do?

  • Creates RWX memory
  • A process created a hidden window
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Interacts with known DarkComet registry keys

How to identify Trojan.Heur.pmKfr4zzwAjS?


File Info:

crc32: 941A8B4C
md5: 044626347c403a9fa5370006cd52f2ec
name: hgdfgfdgsf.exe
sha1: 57f68fe970b1367fb38d3bc4e4434ef76c148a31
sha256: 0f18011ef2afa539dd7ffbac8465e04d8b851ba3cfb5c131bb87c0e391110363
sha512: 9b088e9b3bde254c7603b9a3b74f46f1c2162dfd31166ad18b84d3eae3320d50411ce5cb4638628028d4a4a9087dbe383c9c9f0224769f8cb5e9271fcd5a832f
ssdeep: 6144:dcNYk1yuwEDBum3qYWnl0pd0EX3Zq2b6wfIDYm0PHQJU7R:dcWkbgTYWnYnt/IDYhPAU7
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: Copyright (C) 1999
InternalName: MSRSAAPP
FileVersion: 1, 0, 0, 1
CompanyName: Microsoft Corp.
Comments: Remote Service Application
ProductName: Remote Service Application
ProductVersion: 4, 0, 0, 0
FileDescription: Remote Service Application
OriginalFilename: MSRSAAP.EXE
Translation: 0x0409 0x04b0

Trojan.Heur.pmKfr4zzwAjS also known as:

Bkav: W32.BitwanD.Trojan
MicroWorld-eScan: Gen:Trojan.Heur.pmKfr4zzwAjS
CMC: Backdoor.Win32.DarkKomet!O
CAT-QuickHeal: Backdoor.Fynloski.A9
McAfee: Generic.gj
Cylance: Unsafe
SUPERAntiSpyware: Trojan.Agent/Gen-Delf
K7AntiVirus: Trojan ( 004bc4d11 )
BitDefender: Gen:Trojan.Heur.pmKfr4zzwAjS
K7GW: Trojan ( 004bc4d11 )
Cybereason: malicious.47c403
Invincea: heuristic
Baidu: Win32.Backdoor.Agent.l
NANO-Antivirus: Trojan.Win32.Tordev.dgnepn
Cyren: W32/Fynloski.FWDO-2352
Symantec: Backdoor.Breut!gm
TotalDefense: Win32/Fynloski.A!generic
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.DarkKomet-1
GData: Win32.Backdoor.Fynloski.F
Kaspersky: Backdoor.Win32.DarkKomet.gwbu
Alibaba: Backdoor:Win32/DarkKomet.7b7759a9
ViRobot: Trojan.Win32.Z.Fynloski.258048.DBN
Avast: Win32:Evo-gen [Susp]
Tencent: Backdoor.Win32.DarkKomet.zem
Endgame: malicious (moderate confidence)
Emsisoft: Gen:Trojan.Heur.pmKfr4zzwAjS (B)
Comodo: TrojWare.Win32.Fynloski.B@57zt85
F-Secure: Backdoor.BDS/Backdoor.Gen
DrWeb: BackDoor.Tordev.9
Zillya: Trojan.Fynloski.Win32.742
TrendMicro: BKDR_FYNLOS.SMM
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.dc
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.044626347c403a9f
Sophos: Troj/Fynlosk-AK
Ikarus: Backdoor.Win32.DarkKomet
F-Prot: W32/Fynloski.BA
Jiangmin: Trojan/Genome.bomw
Avira: BDS/Backdoor.Gen
Arcabit: Trojan.Heur.pmKfr4zzwAjS
AegisLab: Trojan.Win32.DarkKomet.4!c
ZoneAlarm: Backdoor.Win32.DarkKomet.gwbu
Microsoft: VirTool:Win32/CeeInject.AJJ!bit
TACHYON: Backdoor/W32.DP-DarkKomet.674816.B
AhnLab-V3: Win-Trojan/FCN.140610
Acronis: suspicious
VBA32: Backdoor.Tordev
MAX: malware (ai score=94)
Ad-Aware: Gen:Trojan.Heur.pmKfr4zzwAjS
Malwarebytes: Backdoor.Packed.DK
Zoner: Trojan.Win32.29578
ESET-NOD32: a variant of Win32/Fynloski.AN
TrendMicro-HouseCall: BKDR_FYNLOS.SMM
Rising: Backdoor.Pontoeb!1.6637 (CLASSIC)
Yandex: Trojan.Comet.Gen.LO
SentinelOne: DFI – Malicious PE
eGambit: RAT.DarkComet
Fortinet: W32/Generic.AC.DB56!tr
AVG: FileRepMalware
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)
Qihoo-360: Win32/Backdoor.DarkKomet.B

How to remove Trojan.Heur.pmKfr4zzwAjS?

Trojan.Heur.pmKfr4zzwAjS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
