About "RiskTool.Win32.KuaiZip" infection

The RiskTool.Win32.KuaiZip is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What RiskTool.Win32.KuaiZip virus can do?

Presents an Authenticode digital signature
Creates RWX memory
Reads data out of its own binary image
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Queries information on disks, possibly for anti-virtualization
Attempts to modify browser security settings

Related domains:

tj.kpzip.com

news.7654.com

How to determine RiskTool.Win32.KuaiZip?


File Info:
crc32: 88CE4183
md5: aefbc1200245f2893a3b0eb280fc056e
name: mininewsplus-1.exe
sha1: a0d2c4fbd0a1b41e022019a953d30b526fce8b92
sha256: 196aed2ac72c2bfd38bfc8af75957be389e3bc38d2b4a7986e92e0a44079cf34
sha512: 7701d2d80fb1b6ce7854eb1e85fafa2211af49d6d62bb3592e74f3a69ceccc5e965bf6c243e6789d62ad0e572420042050759591fc2d66c86731d61fc9f093ee
ssdeep: 6144:UePIjw/BNu3NaZlT38l+ozFezIcmbMdxz8TKVj5QiNH8lnn3coS4b2coskF:RQyBNFlTe+rccmYry3iN8n3coS41op
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:
LegalCopyright: 
InternalName: MiniNewsPlus
FileVersion: 3.0.261.79
CompanyName: 
LegalTrademarks: 
Comments: 
ProductName: 
ProductVersion: 3.0.261.79
FileDescription: MiniNewsPlus
Translation: 0x0804 0x04e4

RiskTool.Win32.KuaiZip also known as:

Bkav	W32.HfsAdware.C51A
DrWeb	Program.Kuaizip.1
MicroWorld-eScan	Gen:Variant.Strictor.202171
FireEye	Generic.mg.aefbc1200245f289
CAT-QuickHeal	Trojan.Kuaizip
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
K7AntiVirus	Riskware ( 0040eff71 )
BitDefender	Gen:Variant.Strictor.202171
K7GW	Riskware ( 0040eff71 )
Invincea	heuristic
Cyren	W32/Adware.TMNG-5348
APEX	Malicious
Avast	Win32:PUP-gen [PUP]
GData	Gen:Variant.Strictor.202171
Kaspersky	not-a-virus:HEUR:RiskTool.Win32.KuaiZip.gen
Alibaba	Backdoor:Win32/KZip.9c4939bb
NANO-Antivirus	Riskware.Win32.KuaiZip.gjrdhv
Tencent	Malware.Win32.Gencirc.10b888f6
Sophos	KuaiZip (PUA)
F-Secure	Adware.ADWARE/Kuaizip.hwuxh
Zillya	Adware.KuaiZip.Win32.434
TrendMicro	TROJ_GEN.R015C0PIH19
McAfee-GW-Edition	PUP-XHW-XZ
Emsisoft	Gen:Variant.Strictor.202171 (B)
Ikarus	Trojan-Dropper.Delf
Jiangmin	RiskTool.KuaiZip.gj
MaxSecure	Trojan.Malware.74069765.susgen
Avira	ADWARE/Kuaizip.hwuxh
Antiy-AVL	RiskWare[RiskTool]/Win32.KuaiZip
Endgame	malicious (moderate confidence)
SUPERAntiSpyware	PUP.KuaiZip/Variant
ZoneAlarm	not-a-virus:HEUR:AdWare.Win32.KuaiZip.gen
Microsoft	PUA:Win32/KuaiZip
AhnLab-V3	PUP/Win32.RL_Generic.R292163
McAfee	GenericRXAA-AA!AEFBC1200245
MAX	malware (ai score=99)
VBA32	suspected of Trojan.Downloader.gen.h
Malwarebytes	Adware.Kuaiba
Panda	Trj/Genetic.gen
ESET-NOD32	a variant of Win32/KuaiZip.W potentially unwanted
TrendMicro-HouseCall	TROJ_GEN.R015C0PIH19
Rising	PUA.KuaiZip!8.2F40 (RDMK:cmRtazolptwBSlbTowym4fc3pDnM)
Yandex	PUA.KuaiZip!
SentinelOne	DFI – Malicious PE
eGambit	Unsafe.AI_Score_99%
Fortinet	Riskware/KuaiZip
Webroot	W32.Adware.Gen
AVG	FileRepMalware [PUP]
CrowdStrike	win/malicious_confidence_60% (D)

How to remove RiskTool.Win32.KuaiZip?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About “RiskTool.Win32.KuaiZip” infection