Categories: Adware

Adware.CsdiMonetize.2 removal

The Adware.CsdiMonetize.2 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Adware.CsdiMonetize.2 virus can do?

Behavioural detection: Executable code extraction – unpacking
SetUnhandledExceptionFilter detected (possible anti-debug)
Yara rule detections observed from a process memory dump/dropped files/CAPE
Creates RWX memory
Guard pages use detected – possible anti-debugging.
Dynamic (imported) function loading detected
Reads data out of its own binary image
CAPE extracted potentially suspicious content
Drops a binary and executes it
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Adware.CsdiMonetize.2?


File Info:
name: 4BB5A3C2FE3E9F84408F.mlwpath: /opt/CAPEv2/storage/binaries/fa62d69b8a2e5189d3d66a6611ae13b90573a577480f0a986fc16278e95fd1eccrc32: 15E7F3EFmd5: 4bb5a3c2fe3e9f84408f705a6463096csha1: 1cab52d003b028b347e2ae4afa3380353da50017sha256: fa62d69b8a2e5189d3d66a6611ae13b90573a577480f0a986fc16278e95fd1ecsha512: 14e964d8bf34d1e22d5748cb30994bb9c24510eaf32df8995cba6fe371682c2ecd015aeef75f1d068217b2dd0e849ff1ce3b7862017416756cb07ac584f3c05essdeep: 12288:z7blMgQSFbMg2vi4lV8UwzOnfPvgKJW67azlqqnHTEknjMxIoYlnlz:z7blT/Fwg0l5wzIn1JW67aRq8Imj4Y3type: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T168E42362A2F59132E051C1745E67C21E8F27BD3A1D38083D34DE1E5E9F97E80920BBB6sha3_384: b921ee176bedb5c436e0ef4ba0c3ecc114191d3b0cfe0e26f882c6aac76e54f20703690e2d85a19efa0350203a8fdc68ep_bytes: 558bec83c4c453565733c08945f08945timestamp: 1992-06-19 22:22:17
Version Info:
Comments: This installation was built with Inno Setup.CompanyName:                                                             FileDescription: ii Setup                                                    FileVersion:                     LegalCopyright:                                                                                                     ProductName: ii                                                          ProductVersion: 5                                                 Translation: 0x0000 0x04b0

Adware.CsdiMonetize.2 also known as:

Lionic	Adware.MSIL.Csdi.2!c
MicroWorld-eScan	Gen:Variant.Adware.CsdiMonetize.2
FireEye	Gen:Variant.Adware.CsdiMonetize.2
Cylance	Unsafe
VIPRE	MSIL.Adware.CsdiMonetize
Sangfor	Adware.MSIL.Csdi.gen
Alibaba	AdWare:MSIL/CsdiMonetize.2e19e4db
CrowdStrike	win/malicious_confidence_100% (D)
BitDefenderTheta	Gen:NN.ZemsilF.34114.Om0@aytgsFo
Symantec	PUA.Gen.2
ESET-NOD32	a variant of MSIL/Adware.CsdiMonetize.AN
TrendMicro-HouseCall	TROJ_GEN.R002H0CGJ21
Kaspersky	not-a-virus:UDS:AdWare.MSIL.Csdi.gen
BitDefender	Gen:Variant.Adware.CsdiMonetize.2
NANO-Antivirus	Riskware.Win32.CsdiMonetize.eyglte
Avast	Win32:AdwareX-gen [Adw]
Tencent	Msil.Adware.Csdimonetize.Pgdh
Sophos	Generic PUA BM (PUA)
Zillya	Adware.Csdi.Win32.514
McAfee-GW-Edition	BehavesLike.Win32.AdwareFileTour.jc
Emsisoft	Gen:Variant.Adware.CsdiMonetize.2 (B)
Ikarus	AdWare.MSIL.Csdimonetize
GData	Gen:Variant.Adware.CsdiMonetize.2
Webroot	W32.Adware.Installcore
Avira	ADWARE/CsdiMonetize.Gen
MAX	malware (ai score=69)
Gridinsoft	Ransom.Win32.Wacatac.sa
Arcabit	Trojan.Adware.CsdiMonetize.2
ViRobot	Adware.Csdimonetize.676918
Microsoft	Trojan:Win32/Tilken.B!cl
Cynet	Malicious (score: 99)
McAfee	Artemis!4BB5A3C2FE3E
VBA32	Trojan.Wacatac
Malwarebytes	Adware.Tuto4PC
APEX	Malicious
Rising	Adware.WizzNetwork!1.CDFD (CLASSIC)
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	Adware/CsdiMonetize
AVG	Win32:AdwareX-gen [Adw]
Cybereason	malicious.2fe3e9
Panda	Trj/CI.A