Malware

AdWare.Win32.Wews87.ekx removal guide

Malware Removal

The AdWare.Win32.Wews87.ekx is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What AdWare.Win32.Wews87.ekx virus can do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to determine AdWare.Win32.Wews87.ekx?



File Info:

crc32: 36B4EE61
md5: 93fcfc8dd76025217748b8937eeae533
name: douyuqyz.exe
sha1: b036e91c17d01d8585c6014f736949c99030a38c
sha256: fc67e82fbcb30ec110e764a8864f5a00624b4a8ecc99d923cd73e25b752dda4c
sha512: 39d7ee52f91c6be2e237602c0e218fcfa61c7a8be1d96c3f5c276666cfaa599c5c473d3136191cd991c494a343efe52c2f4665c61f7c2bca6891add4977de372
ssdeep: 24576:C1BygckpfnSl6l/6VnJHN+LHNp/zIjNId0FRMnoK82EPJeltJEWzNmr5wRU:C1fcEfSle/61JH4LHNp/0jK6XHKLdzJo
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: x6597x9c7cx6e38x620fx4e2dx5fc3
ProductName: x6597x9c7cx9752x4e91x5fd7
FileDescription: x6597x9c7cx9752x4e91x5fd7 install
FileVersion: 3.0.0.2
CompanyName: x6597x9c7cx6e38x620fx4e2dx5fc3
Translation: 0x0804 0x03a8

AdWare.Win32.Wews87.ekx also known as:

Qihoo-360Generic/Virus.Adware.5a3
McAfeeArtemis!93FCFC8DD760
CylanceUnsafe
K7GWUnwanted-Program ( 005125661 )
K7AntiVirusUnwanted-Program ( 005125661 )
Invinceaheuristic
SymantecPUA.Gen.2
APEXMalicious
Kasperskynot-a-virus:AdWare.Win32.Wews87.ekx
SophosGeneric PUA JD (PUA)
ComodoApplicUnwnt@#36nqalin3o1lk
EmsisoftApplication.ChinAd (A)
CyrenW32/Application.IZCH-1369
AviraADWARE/Wews87.ncsiy
Antiy-AVLGrayWare[AdWare]/Win32.Wews87
ZoneAlarmnot-a-virus:AdWare.Win32.Wews87.ekx
MicrosoftPUA:Win32/Presenoker
CynetMalicious (score: 85)
VBA32BScope.Adware.FileFinder
ESET-NOD32a variant of Win32/Wews87.A potentially unwanted
RisingPUA.News!8.F7D0 (CLOUD)
eGambitUnsafe.AI_Score_75%
FortinetAdware/Wews87
AVGWin32:MdeClass

How to remove AdWare.Win32.Wews87.ekx?

AdWare.Win32.Wews87.ekx removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment