PUA:Win32/OpenDownloadManager removal tips

PUA:Win32/OpenDownloadManager is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the PUA:Win32/OpenDownloadManager virus do?

  • Attempts to connect to a dead IP:Port (2 unique times)
  • Presents an Authenticode digital signature
  • A process attempted to delay the analysis task.
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.

Related domains:

svc1.assystnotes.com

How to identify PUA:Win32/OpenDownloadManager?


File Info:

crc32: ED0CE7F9
md5: c0e611c5a2014b999324adac6be42ad0
name: instanotes.exe
sha1: e8a9ef411ca6151585d0a22d513e3f4e35c26a46
sha256: 19ac31edaa798848cc59fd58d86e373abbe00fb852ae815a9656190745ce780f
sha512: dd1e67381473e63f3fa4706d2fa853479858c4d81776b9e58bd62c966accb7c4f7e95f53634abb31fd702c12ac02001ea78b8c159832899812885e2f9be503f0
ssdeep: 98304:G2cPK8vlmiXBbWjsa45ATgeyleebw8iR/HEX:pCKjiXwYa45AT1yn5i5Hi
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © TELUS Santé
FileVersion: 2.9.1.2
CompanyName: TELUS Santé
ProductName: InstallAssystNotes
ProductVersion: 2.9.1.2
FileDescription: AssystNotes installer
Translation: 0x0809 0x04b0

PUA:Win32/OpenDownloadManager also known as:

MicroWorld-eScan: AIT:Trojan.Nymeria.1884
McAfee: Artemis!C0E611C5A201
Cylance: Unsafe
Sangfor: Malware
K7GW: Trojan ( 700000111 )
K7AntiVirus: Trojan ( 700000111 )
Paloalto: generic.ml
BitDefender: AIT:Trojan.Nymeria.1884
Ad-Aware: AIT:Trojan.Nymeria.1884
Emsisoft: AIT:Trojan.Nymeria.1884 (B)
McAfee-GW-Edition: Artemis
FireEye: AIT:Trojan.Nymeria.1884
Sophos: Mal/Generic-S
Cyren: W32/Trojan.SYCS-8646
Webroot: W32.Trojan.Gen
MAX: malware (ai score=81)
Endgame: malicious (high confidence)
Arcabit: AIT:Trojan.Nymeria.D75C
Microsoft: PUA:Win32/OpenDownloadManager
BitDefenderTheta: AI:Packer.F616CE2217
ALYac: AIT:Trojan.Nymeria.1884
eGambit: Unsafe.AI_Score_99%
GData: AIT:Trojan.Nymeria.1884 (5x)
AVG: Win32:Malware-gen
Cybereason: malicious.5a2014
Avast: Win32:Malware-gen
Qihoo-360: HEUR/QVM10.2.7463.Malware.Gen

How to remove PUA:Win32/OpenDownloadManager?

PUA:Win32/OpenDownloadManager removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
