How to remove “UDS:AdWare.Win32.Cjishu”?

UDS:AdWare.Win32.Cjishu is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
6-day free trial available.

What can the UDS:AdWare.Win32.Cjishu virus do?

  • Dynamic (imported) function loading detected
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify UDS:AdWare.Win32.Cjishu?

File Info:

name: DC1D2C4756B86F52380D.mlw
path: /opt/CAPEv2/storage/binaries/dfafdac06cc2efc61d4240f8ccacbf6a2897f2c4402fa6599339bf2f5e5af679
crc32: 5D61B0E1
md5: dc1d2c4756b86f52380d42a4dbe8be6b
sha1: a31a98f07fed8916a33aa3212fc11c1e9d9341bd
sha256: dfafdac06cc2efc61d4240f8ccacbf6a2897f2c4402fa6599339bf2f5e5af679
sha512: d724eaf0ebf15ec938e8b9a52904d3f8c8a3d6a39b6619810608c01d8b6d215290d0c309ae1b4193f22aa81c8f08348c3f1301f0b43124943cc4832cadc4e75c
ssdeep: 98304:URTYjRyVBBSRey+zJVOBE3l9WFJRnzMJt/QWc6fRmkajBK0XB0ezSn8d4Gl2isO:U5yM5a+zJIS9cJRzMVfN0EhRVGIu
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11B6633A24951A3F9D161CC7248E7502AB286BC5B73D471FD2B54F73A3C7BA02E897E01
sha3_384: baa275464f16622edd69c78dd6bd6ec29aded563b399e00054303b74da1d8e356a0745c27510ffcb42e021fcbedb155f
ep_bytes: 81ecd4020000535556576a2033ed5e89
timestamp: 2012-02-24 19:19:59

Version Info:

CompanyName: Anhui Aiqi Network Technology Co., Ltd
FileDescription: iNote文本程序
FileVersion: 2.0.10.119
LegalCopyright: Copyright (C) 2020 iNote Inc. All rights reserved.
ProductName: iNote
ProductVersion: 2.0.10.119
Translation: 0x0804 0x04b0

UDS:AdWare.Win32.Cjishu also known as:

Lionic: Adware.Win32.Cjishu.2!c
Cylance: Unsafe
Zillya: Adware.Cjishu.Win32.271
Sangfor: Adware.Win32.Cjishu.gen
K7AntiVirus: Riskware ( 00584baa1 )
Alibaba: AdWare:Win32/Cjishu.03d731bb
K7GW: Riskware ( 00584baa1 )
Cyren: W32/Trojan.XLPB-4092
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: multiple detections
TrendMicro-HouseCall: TROJ_GEN.R002H07LU21
Kaspersky: not-a-virus:UDS:AdWare.Win32.Cjishu.gen
Avast: Win32:AdwareX-gen [Adw]
Tencent: Win32.Trojan.Multiple.Wrgn
Sophos: Generic PUA KD (PUA)
McAfee-GW-Edition: BehavesLike.Win32.PUP.vc
Ikarus: PUA.Cjishu
GData: Win32.Application.Agent.6RP4AD
Gridinsoft: Ransom.Win32.Wacatac.sa
ViRobot: Adware.Cjishu.6615040
Microsoft: Program:Win32/Uwamson.A!ml
McAfee: Artemis!DC1D2C4756B8
VBA32: Adware.Cjishu
Rising: Adware.AdPop!1.B85F (CLOUD)
Yandex: PUA.Cjishu!EqWbxOLxW3g
AVG: Win32:AdwareX-gen [Adw]
Panda: Trj/CI.A

How to remove UDS:AdWare.Win32.Cjishu?

UDS:AdWare.Win32.Cjishu removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.