Malware

What is “MSIL/Waredot.A potentially unwanted”?

Malware Removal

The MSIL/Waredot.A potentially unwanted is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What MSIL/Waredot.A potentially unwanted virus can do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to determine MSIL/Waredot.A potentially unwanted?



File Info:

name: 3AAB6CD1441F1A0BB2F2.mlw
path: /opt/CAPEv2/storage/binaries/b2f5b1be81b91a77baec6fc126f5a8ad1eaf8abf1e5706317ed127a1ada0ef58
crc32: BF6DFE65
md5: 3aab6cd1441f1a0bb2f2145a6338a2c3
sha1: 4a0c7dfc2721256eb2ca7b55670a9ed2a3924add
sha256: b2f5b1be81b91a77baec6fc126f5a8ad1eaf8abf1e5706317ed127a1ada0ef58
sha512: 248839779266d3f16da4878b67cf44c7a188bb065a88ee6298075a2f31440c03ebacc629db5584ce7045bdfae79aa4049b52b6b0a8b258f7fc7605746707b966
ssdeep: 12288:TwmHxfQGuSdvdZxFVYMoq8VJehEcHzWDXE6uw6LBUUE/Qk+xrdg:tjZxFVYvJgz0uLBUUE/Qkkdg
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13535AE8073688138D6294B3A8035C175933DAD47E42ECB5D36E6EC9F78E67C38A056E7
sha3_384: fded6a3c2d70ed011fac0c2e5e41ac742dd85f8b9a2184b9464a6676a2db7b921354a18e6a7a76cd596a48f7881ad79b
ep_bytes: ff25002040004976616e204d65647665
timestamp: 2089-04-02 16:48:41


Version Info:

Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Waredot Internet Security
FileVersion: 22.11.11.0
InternalName: Waredot Internet Security.exe
LegalCopyright: Copyright © 2022
LegalTrademarks: 
OriginalFilename: Waredot Internet Security.exe
ProductName: Waredot Internet Security
ProductVersion: 22.11.11.0
Assembly Version: 22.11.11.0

MSIL/Waredot.A potentially unwanted also known as:

BkavW32.AIDetectMalware.CS
MicroWorld-eScanTrojan.GenericKD.71902855
FireEyeTrojan.GenericKD.71902855
SkyhighArtemis!Trojan
McAfeeArtemis!3AAB6CD1441F
MalwarebytesGeneric.Malware/Suspicious
K7AntiVirusAdware ( 005add2c1 )
K7GWAdware ( 005add2c1 )
VirITTrojan.Win32.MSIL_Heur.A
ESET-NOD32a variant of MSIL/Waredot.A potentially unwanted
TrendMicro-HouseCallTROJ_GEN.R002H09CC24
BitDefenderTrojan.GenericKD.71902855
AvastWin32:MiscX-gen [PUP]
EmsisoftTrojan.GenericKD.71902855 (B)
VIPRETrojan.GenericKD.71902855
GoogleDetected
VaristW32/ABRisk.TATJ-7665
Antiy-AVLGrayWare/MSIL.Waredot
ArcabitTrojan.Generic.D4492687
GDataTrojan.GenericKD.71902855
AhnLab-V3Malware/Win.Generic.C5599126
VBA32Trojan.MSIL.Kickler.gen
ALYacTrojan.GenericKD.71902855
MAXmalware (ai score=82)
Cylanceunsafe
RisingPUA.Waredot!8.18C87 (CLOUD)
IkarusPUA.MSIL.Waredot
FortinetAdware/Waredot
AVGWin32:MiscX-gen [PUP]
DeepInstinctMALICIOUS

How to remove MSIL/Waredot.A potentially unwanted?

MSIL/Waredot.A potentially unwanted removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment