Adware.Generic.661339 information

Adware.Generic.661339 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Adware.Generic.661339 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • .NET file is packed/obfuscated with Confuser
  • Authenticode signature is invalid

How to identify Adware.Generic.661339?

File Info:

name: 5206B8409F360FCAA89E.mlw
path: /opt/CAPEv2/storage/binaries/1ca94a40bd5efb802bce6a634f18ef37efb38d2a250d2736dcc1cb9eeb86ea8c
crc32: 9C0E4C4C
md5: 5206b8409f360fcaa89ed58997324390
sha1: 6007b0c3d8282167723daabd21b438c385516762
sha256: 1ca94a40bd5efb802bce6a634f18ef37efb38d2a250d2736dcc1cb9eeb86ea8c
sha512: 38477633bea978d23f6b4fefd8c83c0dbb17838dd812db3c882873fe768594cccf0aa84ac8706c810fed0a2ba84b0594bbf005339e043a12341feeb0868bcc4d
ssdeep: 96:pCbY+fa3S7QmKQR2RPoaeqnoae/U1tRGdkKz3IcPi0wlsiK4odzT:pCbZf+S71R2lpZMkRGdXDqvsiKj1
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A4E1C81467DC4672DDEE473A89B357409634E2428E63CF2F8DC1D12B1C97A386792B98
sha3_384: b9199ce2a3d5efdeb04aa214997666a3182527efad2a2db86e0d03f6dbaa1d69ea0ec406160b7deb7f6d65cdcf1d5b13
ep_bytes: ff250020400000000000000000000000
timestamp: 2013-12-27 12:52:49

Version Info:

Translation: 0x0000 0x04b0
FileDescription: mfzxvgvucefmnnei
FileVersion: 4.0.6.89
InternalName: setup.exe
LegalCopyright:
OriginalFilename: setup.exe
ProductVersion: 4.0.6.89
Assembly Version: 4.0.6.89

Adware.Generic.661339 also known as:

Lionic: Adware.MSIL.DomaIQ.2!c
DrWeb: Adware.Downware.1824
MicroWorld-eScan: Adware.Generic.661339
FireEye: Generic.mg.5206b8409f360fca
McAfee: Artemis!5206B8409F36
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Alibaba: AdWare:MSIL/DomaIQ.71d803de
K7GW: Trojan ( 700000121 )
K7AntiVirus: Trojan ( 700000121 )
BitDefenderTheta: Gen:NN.ZemsilF.34062.am0@aWeg3!g
Cyren: W32/S-66ca85e9!Eldorado
Kaspersky: not-a-virus:AdWare.MSIL.DomaIQ.aad
BitDefender: Adware.Generic.661339
NANO-Antivirus: Trojan.Win32.Adw.ddqexe
SUPERAntiSpyware: Adware.DomaIQ/Variant
Avast: Win32:Dropper-gen [Drp]
Tencent: Msil.Adware.Domaiq.Srna
Ad-Aware: Adware.Generic.661339
Sophos: DomaIQ pay-per install (PUA)
Comodo: Application.MSIL.DomaIQ.A@56xcaz
Zillya: Adware.DomaIQ.Win32.3868
McAfee-GW-Edition: BehavesLike.Win32.Generic.zt
Emsisoft: Adware.Generic.661339 (B)
SentinelOne: Static AI – Malicious PE
GData: Adware.Generic.661339
Webroot: W32.Malware.Gen
Avira: PUA/DomaIQ.Gen
MAX: malware (ai score=61)
Antiy-AVL: Trojan/Generic.ASMalwS.204B1D6
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: Trojan:Win32/Wacatac.A!ml
Cynet: Malicious (score: 99)
AhnLab-V3: Adware/Win32.DomaIQ.C236927
VBA32: AdWare.MSIL.DomaIQ
ALYac: Adware.Generic.661339
APEX: Malicious
Ikarus: AdWare.SuspectCRC
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Injector.JAX!tr
AVG: Win32:Dropper-gen [Drp]
Cybereason: malicious.09f360
Panda: Trj/CI.A

How to remove Adware.Generic.661339?

Adware.Generic.661339 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
