
Adware.ConvertAd.432 removal

Adware.ConvertAd.432 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Adware.ConvertAd.432 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Expresses interest in specific running processes
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Code injection with CreateRemoteThread in a remote process
  • Behavioural detection: Injection (inter-process)
  • Behavioural detection: Injection with CreateRemoteThread in a remote process
  • Collects and encrypts information about the computer likely to send to C2 server
  • Creates a hidden or system file
  • Collects information to fingerprint the system

How to identify Adware.ConvertAd.432?


File Info:

name: 8AC88548F926D6436C37.mlw
path: /opt/CAPEv2/storage/binaries/bb2a040bac22af2eb5e773077d06a35c06abae77b0954f34fe03796ccd165ed2
crc32: 22051D32
md5: 8ac88548f926d6436c3722e120974b77
sha1: e5d7688cff382dd9c7225fa220575d96cb5bb3ff
sha256: bb2a040bac22af2eb5e773077d06a35c06abae77b0954f34fe03796ccd165ed2
sha512: 0c8e98aa8072f3fb0e8d98fa60ca43455f68220c9f58f0ed614623551e9bd77c592fd3cc2a57caf11497f14751a8760827b09ca0d7721ffe554331707ba49b11
ssdeep: 12288:CLenf6tVqYaDUybVg7a0JCce22Mck63kZi:VfLYrG4LMpk0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T192A4C039E511EFA6C5471DBFC2BBCFD78B227DAAA362918B5B8559D32C663220831404
sha3_384: 016f25608efc1a32a48fd7f5165160f576675a78098935f20c140f790ac2e3e59a84db5b52fcd981badf5a85c9d0f63a
ep_bytes: e8b3140000e979feffff8bff558bec8b
timestamp: 2014-01-16 21:43:05

Version Info:

0: [No Data]

Adware.ConvertAd.432 also known as:

Bkav W32.AIDetect.malware2
MicroWorld-eScan Gen:Variant.Adware.ConvertAd.432
CAT-QuickHeal TrojanPWS.Zbot.Gen
ALYac Gen:Variant.Adware.ConvertAd.432
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
K7AntiVirus Spyware ( 005463dc1 )
Alibaba TrojanPSW:Win32/PWSZbot.0dbfb70e
K7GW Spyware ( 005463dc1 )
Cybereason malicious.8f926d
VirIT Trojan.Win32.Generic.XIZ
Cyren W32/S-7ad31b2f!Eldorado
Elastic malicious (high confidence)
ESET-NOD32 Win32/Spy.Zbot.AAU
APEX Malicious
Paloalto generic.ml
Kaspersky HEUR:Trojan.Win32.Generic
BitDefender Gen:Variant.Adware.ConvertAd.432
NANO-Antivirus Trojan.Win32.Zbot.cspvax
SUPERAntiSpyware Trojan.Agent/Gen-Zbot
Avast Win32:Malware-gen
Rising Trojan.Generic@AI.86 (RDML:6MsnIYKAR+SGJrj6DfpEVw)
Ad-Aware Gen:Variant.Adware.ConvertAd.432
TACHYON Trojan-Spy/W32.ZBot.483328.AH
Emsisoft Gen:Variant.Adware.ConvertAd.432 (B)
Comodo TrojWare.Win32.Kryptik.BTWA@56xbql
DrWeb Trojan.PWS.Panda.5676
Zillya Trojan.Zbot.Win32.146708
TrendMicro TSPY_ZBOT.ACIN
McAfee-GW-Edition BehavesLike.Win32.Generic.gh
Trapmine malicious.high.ml.score
FireEye Generic.mg.8ac88548f926d643
Sophos Mal/Generic-R + Troj/Zbot-HKY
Ikarus Trojan.Crypt2
GData Gen:Variant.Adware.ConvertAd.432
Jiangmin TrojanSpy.Zbot.ebdj
Webroot W32.Infostealer.Zeus
Avira HEUR/AGEN.1248244
Kingsoft Win32.Troj.Zbot.rg.(kcloud)
Microsoft PWS:Win32/Zbot!GO
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.Agent.R95599
McAfee PWSZbot-FQW!8AC88548F926
MAX malware (ai score=100)
VBA32 TrojanSpy.Zbot
TrendMicro-HouseCall TSPY_ZBOT.ACIN
Tencent Win32.Backdoor.Zbot.Auto
Yandex TrojanSpy.Zbot!4T5nODZ0318
SentinelOne Static AI – Malicious PE
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Krptik.AIX!tr
BitDefenderTheta AI:Packer.3A98245421
AVG Win32:Malware-gen
Panda Generic Malware
CrowdStrike win/malicious_confidence_100% (W)

How to remove Adware.ConvertAd.432?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Published by Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
