Ulise.18467 removal

The Ulise.18467 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Ulise.18467 virus can do?

Presents an Authenticode digital signature
Attempts to connect to a dead IP:Port (11 unique times)
A process created a hidden window
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Attempts to modify proxy settings
Attempts to modify browser security settings

Related domains:

kyposition.dftoutiao.com

tpop-hn.7654.com

news.7654.com

hotnews.dftoutiao.com

tt-img.7654.com

hm.baidu.com

crl.globalsign.net

ocsp.globalsign.com

ocsp2.globalsign.com

crl.globalsign.com

How to determine Ulise.18467?


File Info:
crc32: 5A21BD76
md5: b3664b094ef58a2e5f5e2cf95978189b
name: tpop4-6.exe
sha1: c27965c21180ffddd2256aeba66a714dff763d55
sha256: c2fe7aa3328d252dcb98d6930267aae7e75a22af8bd6e0d136743977f22648c0
sha512: 8521c93fef4abd2dc473d937385df5c5acac8cc696493da26e6b42347dd2a2bb6845ec3d1c97cadde6c019cad57837dab565144652f4bb329ee0567e05d94d98
ssdeep: 24576:C+VsaDEiLfQ3ThcYhTec1l7sObloL/Bl2EG42G7fj48UjDIw6Fq9dr6QD:TVZV83ThjhJpon2EP8HIwU6drr
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright (C) 2018
InternalName: x6728x661fx5febx8baf
FileVersion: 2018.12.6.6
ProductName: x6728x661fx5febx8baf
ProductVersion: 2018.12.6.6
FileDescription: x6728x661fx5febx8baf
OriginalFilename: x6728x661fx5febx8baf
Translation: 0x0804 0x04b0

Ulise.18467 also known as:

Bkav	W32.HfsAdware.2489
DrWeb	Program.Kuaizip.1
MicroWorld-eScan	Gen:Variant.Ulise.18467
McAfee	GenericR-OET!B3664B094EF5
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
CrowdStrike	win/malicious_confidence_80% (D)
BitDefender	Gen:Variant.Ulise.18467
K7GW	Adware ( 005524301 )
K7AntiVirus	Adware ( 005524301 )
Arcabit	Trojan.Ulise.D4823
Invincea	heuristic
BitDefenderTheta	Gen:NN.ZexaCO3.32519.3v2@aOb0oYjb
F-Prot	W32/S-6b0b6de5!Eldorado
ESET-NOD32	a variant of Win32/KuaiZip.B potentially unwanted
TrendMicro-HouseCall	TROJ_GEN.R002C0PHE19
Avast	Win32:AdwareX-gen [Adw]
ClamAV	Win.Malware.Ulise-6878707-0
Kaspersky	not-a-virus:HEUR:AdWare.Win32.KuziTui.gen
Alibaba	Backdoor:Win32/KZip.1be22c19
ViRobot	Adware.Kuaizip.1957288.A
Rising	Adware.KuaiZip!1.B92F (CLASSIC)
Endgame	malicious (high confidence)
Emsisoft	Gen:Variant.Ulise.18467 (B)
Comodo	ApplicUnwnt@#6599fgttx2n3
F-Secure	PotentialRisk.PUA/KuaiZip.Gen
Zillya	Adware.KuziTui.Win32.28
TrendMicro	TROJ_GEN.R002C0PHE19
McAfee-GW-Edition	BehavesLike.Win32.Generic.th
FireEye	Generic.mg.b3664b094ef58a2e
Sophos	Generic PUA MC (PUA)
Cyren	W32/S-6b0b6de5!Eldorado
Jiangmin	AdWare.KuziTui.al
Webroot	W32.Adware.Gen
Avira	PUA/KuaiZip.Gen
Fortinet	Adware/KuziTui
Antiy-AVL	Trojan/Win32.Occamy
Microsoft	PUA:Win32/KuaiZip
SUPERAntiSpyware	Adware.KuaiZip/Variant
ZoneAlarm	not-a-virus:HEUR:AdWare.Win32.KuziTui.gen
AhnLab-V3	PUP/Win32.Generic.R249124
VBA32	BScope.Adware.KuziTui
ALYac	Gen:Variant.Ulise.18467
Ad-Aware	Gen:Variant.Ulise.18467
Panda	Trj/Genetic.gen
APEX	Malicious
Yandex	PUA.KuziTui!
SentinelOne	DFI – Malicious PE
GData	Gen:Variant.Ulise.18467
AVG	Win32:AdwareX-gen [Adw]
Cybereason	malicious.94ef58

How to remove Ulise.18467?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.