How to remove “AdWare.Win32.Ruco.aos”?

AdWare.Win32.Ruco.aos is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the AdWare.Win32.Ruco.aos virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
www.230558.net
a.tomx.xyz

How to identify AdWare.Win32.Ruco.aos?


File Info:

crc32: F0DFCFBE
md5: 50cb3551094d6973ac784e582ae9f1fa
name: qlv2mp4-v1-0.exe
sha1: cb2d3ec8d64fd3ebed77750e103b5dd1e4440432
sha256: 6bd34784c4ba14d182ebdc9e92c4de736f07f3016118bffaa65ac58753320fef
sha512: 0ad587c4d8508454279127ff903b50d634544f81989de9dac37882a5fb438f9722888850597af4f9804b80f52f237cd4209dbe347f546b81bb642e0b9c82161d
ssdeep: 24576:BMyFtn54jqjUd3mA4XTOInsEMGdUPnXzvg7iMZTEZhKdpcn6hhofEJ5wZVeP:WyFtbj25snspXU9EZhKE6EffTeP
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

LegalCopyright: MsLang
FileVersion: 2015
CompanyName: MsLang
LegalTrademarks: (C) 2015 MsLang
Comments: qlvx683cx5f0fx8f6cx6362x6210mp4
ProductName: qlvx683cx5f0fx8f6cx6362x6210mp4
FileDescription: qlvx683cx5f0fx8f6cx6362x6210mp4
Translation: 0x0804 0x03a8

AdWare.Win32.Ruco.aos also known as:

CrowdStrike: win/malicious_confidence_60% (W)
APEX: Malicious
Kaspersky: not-a-virus:AdWare.Win32.Ruco.aos
Alibaba: AdWare:Win32/Ruco.8ba058f9
NANO-Antivirus: Trojan.Win32.BtcMine.epuuzh
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.Fareit.tc
Webroot: W32.Malware.Gen
Antiy-AVL: GrayWare/Win32.StartPage.gen
ZoneAlarm: not-a-virus:AdWare.Win32.Ruco.aos
VBA32: AdWare.Ruco
SentinelOne: DFI – Suspicious PE
MaxSecure: Trojan.Malware.10067332.susgen
Cybereason: malicious.8d64fd

How to remove AdWare.Win32.Ruco.aos?

AdWare.Win32.Ruco.aos removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
