Dropped:Adware.MultiPlug.NM information

The Dropped:Adware.MultiPlug.NM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Dropped:Adware.MultiPlug.NM virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Dropped:Adware.MultiPlug.NM?


File Info:

name: B3DE46590FFF8410E9FB.mlw
path: /opt/CAPEv2/storage/binaries/a34a25e66ad3f627b0511a109626ea85d6ebe5510bf93e2ca37808d7abafa147
crc32: D7E89575
md5: b3de46590fff8410e9fbfc05be0398c5
sha1: e6e534b7876192ffa1ebf0dc4bd881900e7edd2a
sha256: a34a25e66ad3f627b0511a109626ea85d6ebe5510bf93e2ca37808d7abafa147
sha512: f7cf53dc439940d596f8ee92ef71c1a8fafde3aac2f4219edea86d1f908280c4d9e957ec8fcd02f9cac6c02d0b87f952ab49c68a4ffa0c74e2b5754f653a0813
ssdeep: 24576:h1OYdaOtqU2Uzf5dilCfBJybrWSjDBXEZc78KU88Smhr8/zcP:h1OsXqBI5dilCfc/vOhrqK
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T194A56C02FAA980F6D0BAD6368AA76227F67070240B3417C37385577B1FB67E06535F86
sha3_384: 7dfe084123e52b802d25b667a43f357da2352bc6b2960ba86ab5932ceaf6897bef4c0b1bbb13ba13776fc013d23eef8f
ep_bytes: 558bec6aff68e0b94100682c4a410064
timestamp: 2010-11-18 16:27:35

Version Info:

CompanyName: Igor Pavlov
FileDescription: 7z Setup SFX
FileVersion: 9.20
InternalName: 7zS.sfx
LegalCopyright: Copyright (c) 1999-2010 Igor Pavlov
OriginalFilename: 7zS.sfx.exe
ProductName: 7-Zip
ProductVersion: 9.20
Translation: 0x0409 0x04b0

Dropped:Adware.MultiPlug.NM also known as:

Bkav: W32.AIDetectMalware
Lionic: Adware.Win32.MegaSearch.2!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
CAT-QuickHeal: Win32.Megasearch.A
ALYac: Dropped:Adware.MultiPlug.NM
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Adware ( 005524301 )
BitDefender: Dropped:Adware.MultiPlug.NM
K7GW: Adware ( 005524301 )
Arcabit: Adware.MultiPlug.NM
BitDefenderTheta: Gen:NN.ZexaF.36744.nuW@am!iENoi
VirIT: Adware.Win32.SaveClicker.C
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: multiple detections
APEX: Malicious
ClamAV: Js.Downloader.Diplugem-6268245-0
Kaspersky: Trojan.Win32.Agent.ifbi
Alibaba: AdWare:Win32/MultiPlug.0f725906
NANO-Antivirus: Riskware.Script.Plugin.cqxkvi
MicroWorld-eScan: Dropped:Adware.MultiPlug.NM
Avast: JS:Browsermodifier-B [Trj]
Tencent: Win32.AdWare.Megasearch.Fflw
Baidu: Win32.Adware.MPlug.a
DrWeb: Trojan.Crossrider.35
Zillya: Adware.MultiPlugGen.Win32.5
TrendMicro: ADW_MULTIPLUG
Trapmine: malicious.high.ml.score
FireEye: Dropped:Adware.MultiPlug.NM
Sophos: Generic ML PUA (PUA)
Ikarus: PUA.Monetizer.Gen7
Jiangmin: Trojan.Generic.fyqx
Webroot: W32.Adware.Gen
Varist: MegaSearch.A.gen
Avira: ADWARE/Multiplug.PU
MAX: malware (ai score=99)
Antiy-AVL: Trojan/Win32.TSGeneric
Kingsoft: Win32.Troj.MegaSearch.am
Xcitium: Application.Win32.Multiplug.PU@6lh3rv
Microsoft: BrowserModifier:Win32/Diplugem
ZoneAlarm: not-a-virus:AdWare.Win32.MegaSearch.am
GData: Win32.Application.MegaSearch.G
Google: Detected
AhnLab-V3: Adware/Win32.MegaSearch.C197279
Acronis: suspicious
VBA32: Adware.MultiPlug
Malwarebytes: Generic.Malware.AI.DDS
Zoner: Trojan.Win32.34110
TrendMicro-HouseCall: ADW_MULTIPLUG
Rising: Adware.MultiPlug!1.A02F (CLASSIC)
Yandex: PUA.Agent!oLP4FA1o/W4
SentinelOne: Static AI – Malicious SFX
MaxSecure: Adware.JS.MultiPlug.P
Fortinet: JS/Moat.EF9DE79F!tr
AVG: JS:Browsermodifier-B [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_100% (D)

How to remove Dropped:Adware.MultiPlug.NM?

Dropped:Adware.MultiPlug.NM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.