Categories: Virus

Virus:Win32/Autorun.NE removal guide

The Virus:Win32/Autorun.NE is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Virus:Win32/Autorun.NE virus can do?

Creates RWX memory
Reads data out of its own binary image
Drops a binary and executes it
Unconventionial language used in binary resources: Chinese (Traditional)
Creates an autorun.inf file
Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
Installs itself for autorun at Windows startup
Exhibits possible ransomware file modification behavior
Creates a hidden or system file
Network activity detected but not expressed in API logs
Likely virus infection of existing system binary
Creates a copy of itself
Creates a slightly modified copy of itself
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Virus:Win32/Autorun.NE?


File Info:
crc32: AA0BF35Fmd5: bac2a5a291b6db5fa477abbf9f6db2edname: BAC2A5A291B6DB5FA477ABBF9F6DB2ED.mlwsha1: 7429886345d24ffa8e23e0a257be528612878ba1sha256: 288a42b03d1409ee289b7aa0896150467dc850fc56661c12d850114acaf88363sha512: 82e0636ba10501928c8e49d52ddad33e8f5466bd986f9dc7e22c18246393fa6a2f33c5a70177500ffe9301184789d9b3f22555118cde3adc1c3771ab793c51e8ssdeep: 49152:PEs1Y5W/x5W/b5W/p5W/S5W/f0g7mM+M6RkMkIM7I067T5W/q:PE2Y5WZ5WD5Wx5Wq5WmM+M6RkMkIM7mhtype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
0: [No Data]

Virus:Win32/Autorun.NE also known as:

Bkav	W32.FamVT.DelfHV.PE
K7AntiVirus	Trojan ( 0055c5981 )
DrWeb	Win32.HLLP.Stone.2
MicroWorld-eScan	Trojan.GenericKD.32981353
CMC	Virus.Win32.Lamer!O
CAT-QuickHeal	Trojan.Agent
ALYac	Trojan.GenericKD.32981353
Cylance	Unsafe
Zillya	Trojan.Mepaow.Win32.18
Sangfor	Malware
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	virus:Win32/InfectPE.ali2000007
K7GW	Trojan ( 0055c5981 )
Cybereason	malicious.291b6d
TrendMicro	Virus.Win32.LAMER.A
Baidu	Win32.Virus.Lamer.d
Cyren	W32/Trojan.MPVD-5563
ESET-NOD32	Win32/AutoRun.Delf.RO
APEX	Malicious
TotalDefense	Win32/SillyAutorun.ETA
Avast	Win32:Stihat [Wrm]
ClamAV	Win.Malware.Mepaow-6725393-0
GData	Trojan.GenericKD.32981353
Kaspersky	Virus.Win32.Lamer.cb
BitDefender	Trojan.GenericKD.32981353
NANO-Antivirus	Virus.Win32.Mepaow.btvwx
ViRobot	Win32.HelpMe.A
Tencent	Virus.Win32.Lamer.cf
Ad-Aware	Trojan.GenericKD.32981353
Sophos	W32/AutoRun-AQR
Comodo	Virus.Win32.Stihat.A@8lodcy
F-Secure	Trojan.TR/Crypt.ASPM.Gen
BitDefenderTheta	AI:Packer.2E818E7624
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Autorun.vh
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.bac2a5a291b6db5f
Emsisoft	Trojan.GenericKD.32981353 (B)
SentinelOne	DFI – Malicious PE
F-Prot	W32/Trojan2.MJYK
Endgame	malicious (high confidence)
Avira	TR/Crypt.ASPM.Gen
eGambit	Unsafe.AI_Score_100%
Antiy-AVL	Virus/Win32.Lamer.cb
Microsoft	Virus:Win32/Autorun.NE
Jiangmin	Trojan/Mepaow.d
Arcabit	Trojan.Generic.D1F74169
AegisLab	Trojan.Win32.Mepaow.ljgO
ZoneAlarm	Virus.Win32.Lamer.cb
TACHYON	Worm/W32.DPLamer
AhnLab-V3	Trojan/Win32.Stonelv.R2831
Acronis	suspicious
McAfee	W32/Autorun.worm.nk
MAX	malware (ai score=86)
VBA32	Worm.Autorun.2013
Malwarebytes	Backdoor.Bot
Panda	Generic Malware
TrendMicro-HouseCall	Virus.Win32.LAMER.A
Rising	Malware.Heuristic!ET#88% (RDMK:cmRtazqyIh65FmkNQDBdOSKPWjBN)
Yandex	Trojan.Mepaow!nBwMXy4ceEQ
Ikarus	Trojan.Win32.Mepaow
MaxSecure	Virus.W32.Lamer.CB
Fortinet	W32/Lamer.VB!tr
AVG	Win32:Stihat [Wrm]
Paloalto	generic.ml
Qihoo-360	Win32/Virus.Lamer.I