The Win32/Packed.AutoIt.KY file is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.
What Win32/Packed.AutoIt.KY virus can do?
- Drops a binary and executes it
- Executed a very long command line or script command which may be indicative of chained commands or obfuscation
- Uses Windows utilities for basic functionality
- Deletes its original binary from disk
- Installs itself for autorun at Windows startup
- Creates a hidden or system file
- Attempts to modify proxy settings
- Creates a copy of itself
- Uses suspicious command line tools or Windows utilities
How to determine Win32/Packed.AutoIt.KY?
General:
Operating System: Windows 7 / 8 / 8.1 / 10 Virus Name: Trojan.GenericKD.32704770
File Info:
Name: rss.exe
Size: 1003520
Type: PE32 executable (GUI) Intel 80386, for MS Windows
MD5: 3c994d9e67f627add95e6040e9a4c28a
SHA1: d6ee9545b6c062039038420536d7363ff4f7769f
SH256: 4369ee57177431e9be048e8790a48c27c34b48447d056f12996ec37679fa5bcb
Version Info:
[No Data]
Win32/Packed.AutoIt.KY also known as:
| ALYac | Trojan.GenericKD.32704770 |
| APEX | Malicious |
| AVG | Win32:Trojan-gen |
| Acronis | suspicious |
| Ad-Aware | Trojan.GenericKD.32704770 |
| AegisLab | Trojan.Win32.Generic.4!c |
| AhnLab-V3 | Malware/Win32.Generic.C3559340 |
| Alibaba | TrojanBanker:Win32/ClipBanker.d520ac47 |
| Antiy-AVL | Trojan/Generic.ASVCS3S.1E5 |
| Arcabit | Trojan.Generic.D1F30902 |
| Avast | Win32:Trojan-gen |
| Avira | HEUR/AGEN.1036560 |
| BitDefender | Trojan.GenericKD.32704770 |
| CrowdStrike | win/malicious_confidence_100% (W) |
| Cylance | Unsafe |
| Cyren | W32/Trojan.DBTN-4321 |
| ESET-NOD32 | a variant of Win32/Packed.AutoIt.KY |
| Endgame | malicious (high confidence) |
| F-Secure | Heuristic.HEUR/AGEN.1036560 |
| FireEye | Generic.mg.3c994d9e67f627ad |
| GData | Trojan.GenericKD.32704770 |
| Ikarus | Trojan.Win32.Autoit |
| Invincea | heuristic |
| K7AntiVirus | Trojan ( 700000111 ) |
| K7GW | Trojan ( 700000111 ) |
| Kaspersky | Trojan-Banker.Win32.ClipBanker.gqq |
| Malwarebytes | Trojan.ClipBanker.AutoIt.Generic |
| MaxSecure | Trojan.Malware.300983.susgen |
| McAfee | RDN/Generic.grp |
| McAfee-GW-Edition | BehavesLike.Win32.Downloader.dh |
| MicroWorld-eScan | Trojan.GenericKD.32704770 |
| Microsoft | Trojan:Win32/Occamy.C |
| NANO-Antivirus | Trojan.Win32.ClipBanker.ghejfj |
| Paloalto | generic.ml |
| Panda | Trj/CI.A |
| Qihoo-360 | HEUR/QVM10.2.287D.Malware.Gen |
| Rising | Trojan.Obfus/Autoit!1.BD86 (CLASSIC) |
| Sophos | Mal/Generic-S |
| Symantec | ML.Attribute.HighConfidence |
| TrendMicro-HouseCall | TROJ_GEN.R023C0PKE19 |
| ZoneAlarm | Trojan-Banker.Win32.ClipBanker.gqq |
How to remove Win32/Packed.AutoIt.KY?
- Download and install GridinSoft Anti-Malware.
- Open GridinSoft Anti-Malware and perform a “Standard scan“.
- “Move to quarantine” all items.
- Open “Tools” tab – Press “Reset Browser Settings“.
- Select proper browser and options – Click “Reset”.
- Restart your computer.
Leave a Comment