AdWare.BAT.Shortcut removal tips

AdWare.BAT.Shortcut is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the AdWare.BAT.Shortcut virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • A script process created a new process
  • A script or command line contains a long continuous string indicative of obfuscation

How to determine AdWare.BAT.Shortcut?


File Info:

name: 5D196CCB5ACD0D257509.mlw
path: /opt/CAPEv2/storage/binaries/f34f0153714340cac6721d135e4c726515a7f163a42e1152b8cc265dfd3c906e
crc32: BA6E65CD
md5: 5d196ccb5acd0d25750904b75ac1350f
sha1: 320bf79a810ab84173de8836015258aa38182489
sha256: f34f0153714340cac6721d135e4c726515a7f163a42e1152b8cc265dfd3c906e
sha512: 6b9a596cb9e735ac470836e10eaa33cc7047e502b3316f50a63f5d8903a40d6961b2e48145b9db60b187d4864cf40d8267e2f9164981347c12dde08876fa0f38
ssdeep: 49152:8FEykbGPdAvGuqwJlwbrRolwe2R8cMzeBRERPNfSwtkh:8FEykbGMGuqwJMRolwe2zJ+tpSwtkh
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A3B5233074E1D572CD232432D795D371EDB5A53336B6299ABFD0172E2E712A0A22A327
sha3_384: 7137959d7170cee347431620dbd8d870565635378ff413425d9bb2f8639b2dfc1067bde32834a73b30bf1b902d8c3dca
ep_bytes: e885630000e978feffff8bff558bec56
timestamp: 2015-02-15 08:00:31

Version Info:

0: [No Data]

AdWare.BAT.Shortcut also known as:

Bkav: W32.AIDetect.malware2
Lionic: Adware.BAT.Shortcut.2!c
Cylance: Unsafe
APEX: Malicious
Kaspersky: not-a-virus:HEUR:AdWare.BAT.Shortcut.gen
NANO-Antivirus: Trojan.Script.Agent.dqyayx
Avast: Win32:Adware-gen [Adw]
Tencent: Win32.Script.Agent.Swbh
Sophos: Generic PUA DC (PUA)
AVG: Win32:Adware-gen [Adw]

How to remove AdWare.BAT.Shortcut?

AdWare.BAT.Shortcut removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
