Malware

AdWare.Win32.DealPly.eznuk information

Malware Removal

The AdWare.Win32.DealPly.eznuk is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What AdWare.Win32.DealPly.eznuk virus can do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • Crashed cuckoomon during analysis. Report this error to the Github repo.
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine AdWare.Win32.DealPly.eznuk?



File Info:

crc32: 1C563D58
md5: 3453a3f70bba47a5dbe8cbebe3d21f7d
name: bitcomet_setup.exe
sha1: acecbbf2aba19b4d1fc8d075c499c0853b0cf63a
sha256: fc13fe60d8436ec8fc3318383f90faabfcdee1eb37b0eff830e6875e10a82ee7
sha512: 615b50daade73ea5b8e7902f9c1f56b8c9462310fcd75fcdcbe0532e59ab1ce001ed534c953f1f61315af5062cc5c6bd87db12ba7b9d0ebb36075a504ce67adf
ssdeep: 98304:PR4ctzj/CyueD0Tc8aMu01UfrsF60jN3S0nn+w6P5/gG+O2QX2:PRttze/eD0ILi1UahVnZchn8
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: Fehafop                                                                                             
FileVersion: 3.0.4.7             
CompanyName:                                                             
Comments: This installation was built with Inno Setup.
ProductName: Nine                                                        
ProductVersion: 2.8                                               
FileDescription: Nine Setup                                                  
Translation: 0x0000 0x04b0

AdWare.Win32.DealPly.eznuk also known as:

CylanceUnsafe
K7AntiVirusRiskware ( 0040eff71 )
K7GWRiskware ( 0040eff71 )
Kasperskynot-a-virus:AdWare.Win32.DealPly.eznuk
AlibabaAdWare:Win32/DealPly.22d544a3
Endgamemalicious (high confidence)
EmsisoftApplication.InstallCore (A)
ComodoApplicUnwnt@#1dea5gzwjtx5r
Invinceaheuristic
McAfee-GW-EditionArtemis
SophosXingWang Bundler (PUA)
CyrenW32/Trojan.DVWH-1313
WebrootW32.Adware.Gen
MicrosoftPUA:Win32/InstallCore
ZoneAlarmnot-a-virus:AdWare.Win32.DealPly.eznuk
McAfeeArtemis!3453A3F70BBA
ESET-NOD32Win32/InstallCore.AZE.Gen potentially unwanted
FortinetW32/InstallCore.AZE!tr
PandaPUP/DownloadAssistant

How to remove AdWare.Win32.DealPly.eznuk?

AdWare.Win32.DealPly.eznuk removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment