Win32/Packed.Autoit.NBT suspicious removal

The Win32/Packed.Autoit.NBT suspicious detection is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Packed.Autoit.NBT suspicious virus do?

  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to determine Win32/Packed.Autoit.NBT suspicious?


File Info:

name: shenlansuo_1.6.exe
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

0: [No Data]

Win32/Packed.Autoit.NBT suspicious also known as:

FireEye: Generic.mg.864a242e67dcc4a6
McAfee: RDN/YahLover.worm
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
K7AntiVirus: Riskware ( 0040eff71 )
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.2192d6
Cyren: W32/Trojan.IJBN-1595
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.Autoit.NBT suspicious
APEX: Malicious
ClamAV: Win.Malware.Generic-6651791-0
GData: Win32.Trojan.Agent.J2U1LA
Alibaba: TrojanSpy:Win32/PySpy.9d09a898
NANO-Antivirus: Trojan.Win32.IJBN1595.fcbdmd
Tencent: Win32.Trojan.Spy.Dzju
Sophos: Winlock (PUA)
Comodo: TrojWare.Win32.Hider.REXR@5364l6
F-Secure: Trojan.TR/SPY.PySpy.jktqo
DrWeb: Trojan.Siggen5.59949
McAfee-GW-Edition: BehavesLike.Win32.Comame.jc
F-Prot: W32/Trojan2.NVGH
Webroot: W32.Malware.Gen
Avira: TR/SPY.PySpy.jktqo
MAX: malware (ai score=95)
Antiy-AVL: GrayWare/Autoit.Execute.a
Endgame: malicious (moderate confidence)
Microsoft: Trojan:Win32/Tiggre!rfn
VBA32: IMWorm.Sohanad
Rising: Trojan.Obfus/Autoit!1.BEDE (CLASSIC)
Yandex: Packed/RLPack
SentinelOne: DFI – Suspicious PE
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_60% (W)
MaxSecure: Trojan.Malware.300983.susgen

How to remove Win32/Packed.Autoit.NBT suspicious?

Win32/Packed.Autoit.NBT suspicious removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
