About “AdWare.Win32.DealPly.ezzlg” infection

AdWare.Win32.DealPly.ezzlg is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the AdWare.Win32.DealPly.ezzlg virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Network activity detected but not expressed in API logs

How to identify AdWare.Win32.DealPly.ezzlg?

File Info:

crc32: 1310D175
md5: 03ed726da39bf0df2f6ab13ac25410ae
name: 03ED726DA39BF0DF2F6AB13AC25410AE.mlw
sha1: 3ad7ab2e13a8e18408b21fe6657d77efe14f8d75
sha256: 370a8cb42cc36e7dab18c16e0bc7715f666e62bf737d58c55656fba6e1308cfe
sha512: d5043795ba57ebf805da7812961441fd8b61f8aeba4761fbe82102f61d43b056d70afdb020f446cc3206933bf46f74ff7e36a4d0958000fdd87dde8e295264bb
ssdeep: 98304:Vend0/2GgJXGfXvIFaLM4+qcUQ2Fb8R8jxEa:VeengdGHGAM4+qZER8tEa
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Mafofegi
FileVersion:
CompanyName:
Comments: This installation was built with Inno Setup.
ProductName: Nud
ProductVersion: 5.0
FileDescription: Nud Setup
Translation: 0x0000 0x04b0

AdWare.Win32.DealPly.ezzlg also known as:

Lionic: Adware.Win32.DealPly.2!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
ALYac: Application.Cerdossa.Gen.1
Cylance: Unsafe
Sangfor: Trojan.Win32.Occamy.C37
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: AdWare:Win32/InstallCore.39031c1f
Cybereason: malicious.da39bf
Symantec: Ransom.Hermes!gen2
ESET-NOD32: Win32/InstallCore.Gen.J potentially unwanted
Avast: Win32:Adware-gen [Adw]
Kaspersky: not-a-virus:AdWare.Win32.DealPly.ezzlg
BitDefender: Application.Cerdossa.Gen.1
MicroWorld-eScan: Application.Cerdossa.Gen.1
Sophos: InnoMod (PUA)
McAfee-GW-Edition: BehavesLike.Win32.Dropper.wc
FireEye: Application.Cerdossa.Gen.1
Emsisoft: Application.Cerdossa.Gen.1 (B)
SentinelOne: Static AI – Suspicious PE
Avira: HEUR/AGEN.1123032
Antiy-AVL: Trojan/Generic.ASMalwS.309A7ED
Microsoft: Trojan:Win32/Occamy.C37
GData: Win32.Application.InstallCore.LR@gen
AhnLab-V3: PUP/Win32.DealPly.C4153759
McAfee: Artemis!03ED726DA39B
MAX: malware (ai score=71)
VBA32: Adware.DealPly
Ikarus: PUA.InstallCore
Fortinet: W32/InstallCore.AZE!tr
AVG: Win32:Adware-gen [Adw]
Paloalto: generic.ml

How to remove AdWare.Win32.DealPly.ezzlg?

AdWare.Win32.DealPly.ezzlg removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.