Trojan-Spy.Win32.AutoHK.bc removal instruction

Malware Removal

The Trojan-Spy.Win32.AutoHK.bc is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Trojan-Spy.Win32.AutoHK.bc virus can do?

  • Creates RWX memory
  • Drops a binary and executes it
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine Trojan-Spy.Win32.AutoHK.bc?


File Info:

crc32: 2E40F945
md5: 298175db96c86d8480dcf634295b782b
name: 298175DB96C86D8480DCF634295B782B.mlw
sha1: 16ef65661f5c98fb5075a055e334791c478f3815
sha256: 3f2066f817f47795c30879afdc050734201d2e0efa6000eb8909bbe3dc8a59e7
sha512: 32764b24ac7db14b9195d6f6ef74e017b1846a98ad8e9e4d53840521e1fe92f10a749641094e91f213f853cef950728e018a8fa8f1b7ced36866fde0cddce43f
ssdeep: 24576:5T7S3bTIUwHsrxYYpxUbXfzzKeLCKc1q0ZUf:54bj0z6bV1qqU
type: PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright xa9 2017
Assembly Version: 1.0.0.0
InternalName: ConsoleApplication121244.exe
FileVersion: 1.0.0.0
ProductName: ConsoleApplication121244
ProductVersion: 1.0.0.0
FileDescription: ConsoleApplication121244
OriginalFilename: ConsoleApplication121244.exe

Trojan-Spy.Win32.AutoHK.bc also known as:

K7AntiVirusTrojan ( 005131101 )
ALYacTrojan.GenericKD.6199301
CylanceUnsafe
ZillyaTrojan.ClipBanker.Win32.423
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_60% (D)
AlibabaTrojanSpy:Win32/AutoHK.d5e8ac88
K7GWTrojan ( 005131101 )
Cybereasonmalicious.b96c86
CyrenW32/S-a3ad0593!Eldorado
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/ClipBanker.BD
APEXMalicious
AvastWin32:Malware-gen
KasperskyTrojan-Spy.Win32.AutoHK.bc
BitDefenderTrojan.GenericKD.6199301
NANO-AntivirusTrojan.Win32.ClipBanker.euzhhb
MicroWorld-eScanTrojan.GenericKD.6199301
TencentWin32.Trojan-spy.Autohk.Hsir
Ad-AwareTrojan.GenericKD.6199301
SophosMal/Generic-S
VIPRETrojan.Win32.Generic!BT
McAfee-GW-EditionArtemis!Trojan
FireEyeGeneric.mg.298175db96c86d84
EmsisoftTrojan.GenericKD.6199301 (B)
SentinelOneStatic AI – Malicious PE
JiangminTrojanSpy.AutoHK.g
MicrosoftBackdoor:Win32/Bladabindi!ml
GDataTrojan.GenericKD.6199301
McAfeeArtemis!298175DB96C8
MAXmalware (ai score=100)
VBA32TrojanSpy.AutoHK
PandaTrj/GdSda.A
YandexTrojanSpy.AutoHK!BmsMEFjZnGo
IkarusTrojan.Win32.Clipbanker
FortinetMSIL/Generic.AP.107598!tr
AVGWin32:Malware-gen
Paloaltogeneric.ml

How to remove Trojan-Spy.Win32.AutoHK.bc?

Trojan-Spy.Win32.AutoHK.bc removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment