Dropped:Adware.MultiPlug.CY removal

Dropped:Adware.MultiPlug.CY is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Dropped:Adware.MultiPlug.CY virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Dropped:Adware.MultiPlug.CY?


File Info:

name: C3D282E14FB307AB8C3E.mlw
path: /opt/CAPEv2/storage/binaries/17ddeb6c2555f823bc47d17ae349af72f7b59a203ce54137b3ce7d09f3b23b6e
crc32: D6F0D7E8
md5: c3d282e14fb307ab8c3e7aec112e05df
sha1: db9835331e92948bc470eb8940ff04d8c488f61f
sha256: 17ddeb6c2555f823bc47d17ae349af72f7b59a203ce54137b3ce7d09f3b23b6e
sha512: 45041b9fe4f50235d360fd587655c240052930fda317ce8af7f4eca8642db3c15c32fd41e82b57cd6866ca82c5b19495ee552d0b77aa80b59c70892ab89a27bc
ssdeep: 24576:h1OYdaOAmk5CcOgndTSmmmpOONysiA66Fv3:h1Os3qTTtmmpzysiTsf
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FE557D21F6A28075D0B280359E7E967BB57878310B7496CBB7C44A1E2FB17C0EA35B53
sha3_384: ecc4c84e897d9894ae315d6e67336f1d6c3fd84a9d00a4a61ec0a58f1b3d47ad465713b9bfe894ab69c5d7791cee33c9
ep_bytes: 558bec6aff68e0b94100682c4a410064
timestamp: 2010-11-18 16:27:35

Version Info:

CompanyName: Igor Pavlov
FileDescription: 7z Setup SFX
FileVersion: 9.20
InternalName: 7zS.sfx
LegalCopyright: Copyright (c) 1999-2010 Igor Pavlov
OriginalFilename: 7zS.sfx.exe
ProductName: 7-Zip
ProductVersion: 9.20
Translation: 0x0409 0x04b0

Dropped:Adware.MultiPlug.CY also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Dropped:Adware.MultiPlug.CY
FireEye: Dropped:Adware.MultiPlug.CY
CAT-QuickHeal: Win32.Megasearch.A
Skyhigh: BehavesLike.Win32.PUP.th
ALYac: Dropped:Adware.MultiPlug.CY
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.ins
CrowdStrike: win/grayware_confidence_100% (W)
Alibaba: AdWare:Win32/MegaSearch.8159d538
K7GW: Unwanted-Program ( 0040fa331 )
K7AntiVirus: Unwanted-Program ( 0040fa331 )
BitDefenderTheta: AI:Packer.5CFC39011F
VirIT: Adware.Win32.Generic.W
Symantec: Adware.Browext
tehtris: Generic.Malware
ESET-NOD32: multiple detections
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: not-a-virus:AdWare.Win32.MegaSearch.ap
BitDefender: Dropped:Adware.MultiPlug.CY
NANO-Antivirus: Riskware.Script.Plugin.cqxkvi
Tencent: Win32.AdWare.Megasearch.Njgl
Sophos: Generic Reputation PUA (PUA)
Baidu: Win32.Adware.JS.a
F-Secure: Adware.ADWARE/Multiplug.PU
DrWeb: JS.Plugin.13
VIPRE: Dropped:Adware.MultiPlug.CY
TrendMicro: TROJ_GEN.R002C0OCB24
Trapmine: malicious.high.ml.score
Emsisoft: Dropped:Adware.MultiPlug.CY (B)
SentinelOne: Static AI – Malicious SFX
Jiangmin: Adware.Agent.dcs
Varist: MegaSearch.A.gen
Avira: JS/MPlug.PR
Antiy-AVL: Trojan/Win32.SGeneric
Kingsoft: Win32.Troj.MegaSearch.ap
Microsoft: BrowserModifier:Win32/Diplugem
Xcitium: Application.Win32.Multiplug.PU@6lh3rv
Arcabit: Adware.MultiPlug.CY
ViRobot: Adware.Multiplug.1378705
ZoneAlarm: not-a-virus:AdWare.Win32.MegaSearch.ap
GData: Win32.Application.MegaSearch.G
Google: Detected
AhnLab-V3: Adware/Win32.MegaSearch.R91133
VBA32: Adware.MultiPlug
MAX: malware (ai score=96)
DeepInstinct: MALICIOUS
Malwarebytes: Generic.Malware.AI.DDS
TrendMicro-HouseCall: TROJ_GEN.R002C0OCB24
Rising: Adware.MultiPlug/JS!1.A115 (CLASSIC)
Yandex: PUA.Agent!oLP4FA1o/W4
Ikarus: PUA.Monetizer.Gen7
MaxSecure: Adware.JS.MultiPlug.P
Fortinet: JS/Moat.EF9DE79F!tr
Panda: Trj/CI.A

How to remove Dropped:Adware.MultiPlug.CY?

Dropped:Adware.MultiPlug.CY removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
