Malware

Doina.61912 removal tips

Malware Removal

The Doina.61912 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Doina.61912 virus can do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Attempted to write directly to a physical drive
  • Attempts to modify proxy settings

How to determine Doina.61912?



File Info:

name: AFF8E1953D9578A8E1F6.mlw
path: /opt/CAPEv2/storage/binaries/cbe1201515e39869b87fc057b088d32df9a923a1c916dfc96913bf4de77dcde3
crc32: DEDED112
md5: aff8e1953d9578a8e1f6f9c7a160aeba
sha1: 0495f14594d5171204fdb7b179ef3ff1e58aeecc
sha256: cbe1201515e39869b87fc057b088d32df9a923a1c916dfc96913bf4de77dcde3
sha512: b3c406bc38d758aac65dfa85a21343f2f08b48c4dac3051e49699dfe4949ac5bf662d06b7c1decce96faeff6cfb54d3c0f018a5ca6f609d7d115cb1f336d12f6
ssdeep: 12288:ipBDlKgErfAFyNetqoMgRhCZ+rCq3CS33pakT6A7WcqYt1vyrgXR:ipBeEfwx0paO3qyPB
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T154C49D123A61D032D57291B01968EBA5456CBE300F7649CB73D42B6E2D705E3BF36A3B
sha3_384: 20d7973ed5a87062592e3dabb38139a107520fdac551353f63a98f9a2d4d22ad8523a2b20723f67284c204d72f76171b
ep_bytes: e84c070000e97afeffffcccccccccccc
timestamp: 2023-05-17 11:06:02


Version Info:

FileDescription: Ultra Uninstaller升级程序
FileVersion: 1.3123.1005.1014
InternalName: update.exe
LegalCopyright: Copyright  (C) 2023
OriginalFilename: update.exe
ProductName: UltraUninstaller
ProductVersion: 1.3123.1005.1014
Translation: 0x0804 0x04b0

Doina.61912 also known as:

BkavW32.Common.69686798
MicroWorld-eScanGen:Variant.Doina.61912
FireEyeGen:Variant.Doina.61912
SkyhighArtemis
McAfeeArtemis!AFF8E1953D95
Cylanceunsafe
K7AntiVirusAdware ( 0058a1a01 )
K7GWAdware ( 0058a1a01 )
CrowdStrikewin/grayware_confidence_90% (D)
BitDefenderGen:Variant.Doina.61912
AvastWin32:MiscX-gen [PUP]
EmsisoftGen:Variant.Doina.61912 (B)
VIPREGen:Variant.Doina.61912
IkarusPUA.Ludashi
GDataGen:Variant.Doina.61912
GoogleDetected
ArcabitTrojan.Doina.DF1D8
VaristW32/ABRisk.UZOB-0763
ALYacGen:Variant.Doina.61912
MAXmalware (ai score=89)
MalwarebytesGeneric.Malware/Suspicious
RisingAdware.MiniPopups!8.1337F (CLOUD)
MaxSecureTrojan.Malware.216070311.susgen
FortinetRiskware/Application
AVGWin32:MiscX-gen [PUP]
DeepInstinctMALICIOUS

How to remove Doina.61912?

Doina.61912 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment