Malware

AdWare.Win32.Wews87.cof (file analysis)

Malware Removal

The AdWare.Win32.Wews87.cof is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What AdWare.Win32.Wews87.cof virus can do?

  • Presents an Authenticode digital signature
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to determine AdWare.Win32.Wews87.cof?



File Info:

crc32: D7FE0B47
md5: 5ec8dc3cbd6e07e33755b4f9c1c8a7d9
name: dqwjh_wqeq.exe
sha1: 7b843d6b42d125f6861bd2dfff86e94d638427b5
sha256: 1f9f300cfe706084cac71c9245581a880610a3c61ca061c7a07051310d06fb12
sha512: e6993407766ea29ff6c03105fc1e60b76c857ae6c2bee7c32521d69bd334499c4cb1b5282f529e9629261d9dd6b949ed4a311439312b726fd4940ac41df72ce5
ssdeep: 24576:HO6zz/6LzaGwNKwy4+gUgHbDfgFePhfgmVgjEOCns8WYqRSB5HpLdW:Hl/AaGwNLSebDfTpTVO58WYqYhW
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: x4e0ax6d77x4e09x4e03x73a9x7f51x7edcx79d1x6280x6709x9650x516cx53f8
FileVersion: 3.0.0.0
CompanyName: x4e0ax6d77x4e09x4e03x73a9x7f51x7edcx79d1x6280x6709x9650x516cx53f8
ProductName: x706dx795e
ProductVersion: 3.0.0.0
FileDescription: x706dx795e install
Translation: 0x0804 0x03a8

AdWare.Win32.Wews87.cof also known as:

CAT-QuickHealApplication.Agent.ZZ5
McAfeeArtemis!5EC8DC3CBD6E
CylanceUnsafe
K7GWAdware ( 004f25fb1 )
K7AntiVirusAdware ( 004f25fb1 )
TrendMicroTROJ_GEN.R061C0OL518
CyrenW32/Trojan.GOUW-5892
SymantecSMG.Heur!gen
TrendMicro-HouseCallTROJ_GEN.R061C0OL518
AvastWin32:Malware-gen
GDataWin32.Trojan.Agent.XYAXOL
Kasperskynot-a-virus:AdWare.Win32.Wews87.cof
SophosGeneric PUA BG (PUA)
ComodoMalware@#2okpkg1sq0n1z
McAfee-GW-EditionArtemis!PUP
AviraHEUR/AGEN.1036367
Antiy-AVLTrojan/Win32.Zpevdo
MicrosoftPUA:Win32/GameBox
ZoneAlarmnot-a-virus:AdWare.Win32.Wews87.cof
VBA32Adware.Wews
MalwarebytesPUP.Optional.Chickil
PandaTrj/CI.A
ESET-NOD32a variant of Win32/Wews87.B potentially unwanted
IkarusPUA.Wews87
FortinetRiskware/Wews87
AVGWin32:Malware-gen
Qihoo-360Win32/Virus.Adware.a8c

How to remove AdWare.Win32.Wews87.cof?

AdWare.Win32.Wews87.cof removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment