Is the file CRMCOOBNK.exe located on your computer? Then your computer is infected.
We do suggest you should remove CRMCOOBNK.exe from your computer as soon as possible.
CRMCOOBNK.exe is Trojan/Backdoor.
Kill the process CRMCOOBNK.exe and remove CRMCOOBNK.exe from the Windows startup.
Malware Analysis of CRMCOOBNK.exe
Full path on a computer: %SysDir%\diubaoLe\cRMCoobnk.exe
Detected by UnHackMe:
CRMCOOBNK.exe
Default location: %SysDir%\diubaoLe\cRMCoobnk.exe
Removal Results: Success
Number of reboot: 1
CRMCOOBNK.exe is known as:
Trojan.MulDrop3.51320, Backdoor.Morix.B, BScope.Trojan.SvcHorse.01643
CRMCOOBNK.exe hash:
- MD5: 4aeaafc3445d57d159966fa1e34f869c
How to quickly detect CRMCOOBNK.exe presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\C9C1331C: “%WinDir%\C9C1331C\svchsot.exe”
Folders:- %SysDir%\diubaoLe
- %WinDir%\C9C1331C
Files:- %SysDir%\diubaoLe\cRMCoobnk.exe
- %WinDir%\Tasks\At1.job
- %WinDir%\Tasks\At10.job
- %WinDir%\Tasks\At11.job
- %WinDir%\Tasks\At12.job
- %WinDir%\Tasks\At13.job
- %WinDir%\Tasks\At14.job
- %WinDir%\Tasks\At15.job
- %WinDir%\Tasks\At16.job
- %WinDir%\Tasks\At17.job
- %WinDir%\Tasks\At18.job
- %WinDir%\Tasks\At19.job
- %WinDir%\Tasks\At2.job
- %WinDir%\Tasks\At20.job
- %WinDir%\Tasks\At21.job
- %WinDir%\Tasks\At22.job
- %WinDir%\Tasks\At23.job
- %WinDir%\Tasks\At24.job
- %WinDir%\Tasks\At3.job
- %WinDir%\Tasks\At4.job
- %WinDir%\Tasks\At5.job
- %WinDir%\Tasks\At6.job
- %WinDir%\Tasks\At7.job
- %WinDir%\Tasks\At8.job
- %WinDir%\Tasks\At9.job
- %WinDir%\C9C1331C\svchsot.exe