How to remove "Trojan.MalPack.MEW"?

The Trojan.MalPack.MEW is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.MalPack.MEW virus can do?

Executable code extraction
A process attempted to delay the analysis task.
Attempts to connect to a dead IP:Port (841 unique times)
Starts servers listening on 0.0.0.0:10087
Reads data out of its own binary image
Drops a binary and executes it
Installs itself for autorun at Windows startup
The sample wrote data to the system hosts file.
Makes SMTP requests, possibly sending spam or exfiltrating data.
Creates a slightly modified copy of itself

Related domains:

select.ninth-gate.org

corp.unicode.org

nwk-aaemail-lapp03.apple.com

nwk-aaemail-lapp02.apple.com

nwk-aaemail-lapp01.apple.com

ma1-aaemail-dr-lapp03.apple.com

ma1-aaemail-dr-lapp02.apple.com

ma1-aaemail-dr-lapp01.apple.com

apple.com

unicode.org

mx.unicode.org

mail.unicode.org

smtp.unicode.org

mx1.unicode.org

mxs.unicode.org

mail1.unicode.org

relay.unicode.org

ns.unicode.org

gate.unicode.org

mx.apple.com

mail.apple.com

smtp.apple.com

mx1.apple.com

How to determine Trojan.MalPack.MEW?


File Info:
crc32: C5956489
md5: f156d68c3cd154a44bd943f153c7de66
name: upload_file
sha1: 3a454bdc9f67eca10165569b24a9002bbe0d67d4
sha256: 2c57544afb07b894343bcf4abfb2f2d3edf0170ed3c9ab57da712c2f4d5366f4
sha512: 101d8436a07a4397fbc073a9321f6903ae5f7fbe20a2b368ee740d55bf5d042f7c919bc0c57aacad25575847d1855cd42738f7968005f545652a8c10490c6005
ssdeep: 768:NMnqPaZqX8aMH9s8N/zJxc/98NifKK2es+9scABvL8tGQW1ilp1MY3a48hYBJbaL:uDBjHbzQF8N8RhGDYdLO4CQflcnEa
type: Zip archive data, at least v1.0 to extract

Version Info:
0: [No Data]

Trojan.MalPack.MEW also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Win32.Generic.494871
FireEye	Win32.Generic.494871
McAfee	W32/Mytob.j.gen@MM
Cylance	Unsafe
Sangfor	Malware
BitDefender	Win32.Generic.494871
K7GW	Riskware ( 0040eff71 )
K7AntiVirus	Riskware ( 0040eff71 )
TrendMicro	WORM_MYTOB.BT
Baidu	Win32.Worm.Rbot.a
Cyren	W32/Threat-HLLIM!Eldorado
Symantec	Trojan.Gen.NPE
TotalDefense	Win32/Mytob!ZIP
TrendMicro-HouseCall	WORM_MYTOB.BT
Avast	Win32:Mytob-BI [Wrm]
ClamAV	Win.Worm.Mytob-53
Kaspersky	Net-Worm.Win32.Mytob.vkj
NANO-Antivirus	Trojan.Win32.Mytob.enhq
ViRobot	Worm.Win32.Mytob.FD
Ad-Aware	Win32.Generic.494871
Emsisoft	Win32.Generic.494871 (B)
Comodo	Worm.Win32.Mytob.BH@1wky
F-Secure	Worm.WORM/Mytob.BF
DrWeb	Win32.HLLM.MyDoom.based
VIPRE	Trojan.Win32.Ircbot!cobra (v)
Invincea	W32/MyDoom-Gen
McAfee-GW-Edition	BehavesLike.Generic.ch
Sophos	W32/Mytob-AK
Ikarus	I-Worm.Mytob
GData	Win32.Generic.494871
Jiangmin	Packed.Krap.Gen.a
Avira	WORM/Mytob.BF
MAX	malware (ai score=84)
Antiy-AVL	Worm[Net]/Win32.Mytob
Microsoft	Worm:Win32/Mytob.CG@mm
Arcabit	Win32.Generic.494871
AegisLab	Worm.Win32.Brontok.lztO
ZoneAlarm	Net-Worm.Win32.Mytob.vkj
Cynet	Malicious (score: 85)
AhnLab-V3	Trojan/Win32.Malco.R7515
BitDefenderTheta	AI:Packer.32709B861D
VBA32	Win32.Trojan.Hoster.Heur
Malwarebytes	Trojan.MalPack.MEW
Zoner	Worm.Win32.Mytob.5346
ESET-NOD32	Win32/Mytob.BH
Rising	Trojan.Killav!1.667A (CLASSIC)
Yandex	I-Worm.Mytob.BS
SentinelOne	DFI – Malicious Archive
Fortinet	W32/Banload.WZH!tr.dldr
AVG	Win32:Mytob-BI [Wrm]
Panda	W32/Mytob.gen.worm

How to remove Trojan.MalPack.MEW?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

How to remove “Trojan.MalPack.MEW”?