
Win32/Packed.AutoIt.UK removal


Win32/Packed.AutoIt.UK is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Packed.AutoIt.UK virus do?

  • Presents an Authenticode digital signature
  • Drops a binary and executes it
  • Executes a very long command line or script command which may be indicative of chained commands or obfuscation
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • Creates a hidden or system file
  • Creates a copy of itself
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Win32/Packed.AutoIt.UK?


File Info:

crc32: 1B79E009
md5: 011de74ce78ce078ac0274f778ceecc0
name: clm.exe
sha1: a152a04b0021bf0047f3aba945ae52cc0f4123b7
sha256: 4f14c313182e5e90324f6501ac43075a3c628c925cbe493eade0557f4c74a8f1
sha512: 3b277d79a19821f89db761b95e1c90a8e072eaad3f658c64aa8c68dfb25f566cd67900bf28eed3ff54b682dd945317ed1d54694c2aa548fed13c830a9f469faa
ssdeep: 24576:MAHnh+eWsN3skA4RV1Hom2KXMmHaomo3Y95C:rh+ZkldoPK8YaomVC
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

InternalName: vulkaninfo-1-999-0-0-0.exe
FileVersion: 4.5.7.5
CompanyName: Упаковщик объектов2
Comments: 8x211cx210cxd835xdd19xd835xdd35xd835xdd33xd835xdd25xd835xdd36xd835xdd1b2xd835xdd1axd835xdd2exd835xdd18xd835xdd2bxd835xdd042xd835xdd16xd835xdd09xd835xdd109xd835xdd18xd835xdd16xd835xdd2b7xd835xdd30x211cxd835xdd08xd835xdd33xd835xdd0exd835xdd2cx2111xd835xdd04xd835xdd28xd835xdd11xd835xdd1axd835xdd32xd835xdd05xd835xdd26xd835xdd1f3xd835xdd24xd835xdd26xd835xdd135xd835xdd1fxd835xdd07xd835xdd05xd835xdd22xd835xdd21xd835xdd12xd835xdd1bxd835xdd0fxd835xdd11xd835xdd20xd835xdd2d
ProductVersion: 4.5.7.5
FileDescription: Kannada Keyboard Layout
OriginalFilename: vulkaninfo-1-999-0-0-0.exe
Translation: 0x0809 0x04b0

Win32/Packed.AutoIt.UK also known as:

Bkav: W32.AIDetectVM.malware2
FireEye: Generic.mg.011de74ce78ce078
McAfee: Artemis!011DE74CE78C
Cylance: Unsafe
AegisLab: Hacktool.Win32.Gamehack.3!e
K7GW: Trojan ( 005633361 )
CrowdStrike: win/malicious_confidence_90% (W)
Invincea: heuristic
APEX: Malicious
Avast: Win32:Malware-gen
GData: Win32.Trojan.QuilMiner.GJ1632
Kaspersky: Trojan-Banker.Win32.ClipBanker.kth
Alibaba: TrojanBanker:Win32/ClipBanker.31ddbe99
Tencent: Win32.Trojan.Falsesign.Uf
F-Secure: Heuristic.HEUR/AGEN.1044801
DrWeb: Trojan.Siggen9.30624
McAfee-GW-Edition: Artemis!Trojan
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-S
Avira: HEUR/AGEN.1044801
Endgame: malicious (high confidence)
ZoneAlarm: Trojan-Banker.Win32.ClipBanker.kth
Microsoft: Trojan:Win32/Wacatac.C!ml
ESET-NOD32: a variant of Win32/Packed.AutoIt.UK
Rising: Trojan.Obfus/Autoit!1.BD86 (CLASSIC)
eGambit: PE.Heur.InvalidSig
Fortinet: AutoIt/Packed.KY!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: HEUR/QVM10.1.3EDB.Malware.Gen

How to remove Win32/Packed.AutoIt.UK?

Win32/Packed.AutoIt.UK removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
