W32/Datunif-A removal guide

The W32/Datunif-A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What W32/Datunif-A virus can do?

Authenticode signature is invalid

How to determine W32/Datunif-A?


File Info:
name: A58B5D658AD5A2DFFC33.mlw
path: /opt/CAPEv2/storage/binaries/efbde57b5e015141b9927f932c9201d8b49d181be3a79619e6e180e9eb8292fb
crc32: 397466C4
md5: a58b5d658ad5a2dffc331c4ce178f39d
sha1: 7dd2dbae254ed4892d914af885571f75b803a597
sha256: efbde57b5e015141b9927f932c9201d8b49d181be3a79619e6e180e9eb8292fb
sha512: 6b7b4fa130203566bf608a4fa85d1d89ab3e39af3bbe8a07f264e558d2bd5096035c0fa4f858242fb30c22c851dabc2a3c68845af30b0cc3eb39638fd47c3575
ssdeep: 768:Dc7liTdycAl+qOQSgFrhKo//WomvdfQXwYt1IEDIefZsK:I7IxXAcqOK3qowgnt1d
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EA632FA3B6B35C4AD5C27DBA2B878CE60573A04D0F573652F290872DB638E21149BF53
sha3_384: 3614e9418fac4cd6d3283e73e10845ab6b942af673489f1864dbf1e3eba1d28d78d737fb72bcf83981669a55d6302f54
ep_bytes: 68f4114000e8eeffffff000000000000
timestamp: 2009-06-17 14:24:34

Version Info:
Translation: 0x0409 0x04b0

W32/Datunif-A also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Trojan.Chinky.2
FireEye	Generic.mg.a58b5d658ad5a2df
CAT-QuickHeal	Worm.Datunif.A
Skyhigh	BehavesLike.Win32.VBObfus.km
ALYac	Gen:Trojan.Chinky.2
Malwarebytes	Generic.Malware.AI.DDS
Zillya	Worm.Basun.Win32.18780
Sangfor	Suspicious.Win32.Save.vb
K7AntiVirus	EmailWorm ( 000dc83c1 )
Alibaba	Trojan:Win32/Starter.ali2000005
K7GW	EmailWorm ( 000dc83c1 )
CrowdStrike	win/malicious_confidence_100% (W)
Arcabit	Trojan.Chinky.2
BitDefenderTheta	AI:Packer.DD73FADD1F
VirIT	Trojan.Win32.VB.KF
Symantec	W32.Changeup
tehtris	Generic.Malware
ESET-NOD32	Win32/TrojanDownloader.VB.NZX
APEX	Malicious
TrendMicro-HouseCall	WORM_VB.TOT
ClamAV	Win.Trojan.VB-1042
Kaspersky	Worm.Win32.Basun.ajp
BitDefender	Gen:Trojan.Chinky.2
NANO-Antivirus	Trojan.Win32.Basun.bakqn
SUPERAntiSpyware	Trojan.Agent/Gen-NameThief[Smart]
Avast	Win32:AutoRun-AYY [Wrm]
Tencent	Worm.Win32.Basun.a
TACHYON	Trojan/W32.VB-Agent.69632.AQ
Emsisoft	Gen:Trojan.Chinky.2 (B)
Baidu	Win32.Trojan.VB.q
F-Secure	Trojan.TR/Dropper.Gen
DrWeb	Win32.HLLW.Autoruner2.24570
VIPRE	Gen:Trojan.Chinky.2
TrendMicro	WORM_VB.TOT
Trapmine	malicious.high.ml.score
Sophos	W32/Datunif-A
SentinelOne	Static AI – Malicious PE
Jiangmin	Worm/Basun.abfu
Google	Detected
Avira	TR/Dropper.Gen
Varist	W32/VB.W.gen!Eldorado
Antiy-AVL	Trojan[Downloader]/Win32.VB
Kingsoft	malware.kb.a.1000
Xcitium	Worm.Win32.Basun.ajp0@14jyik
Microsoft	Worm:Win32/Vobfus.F
ViRobot	Worm.Win32.A.Basun.69632.DZ
ZoneAlarm	Worm.Win32.Basun.ajp
GData	Gen:Trojan.Chinky.2
Cynet	Malicious (score: 100)
AhnLab-V3	Win32/Basun.worm.Gen
Acronis	suspicious
McAfee	W32/VBNA.worm.gen.c
MAX	malware (ai score=100)
VBA32	Trojan-Downloader.VB.NZX
Cylance	unsafe
Panda	Trj/Downloader.WFP
Rising	Trojan.DL.Win32.VBcode.ij (CLASSIC)
Yandex	Trojan.GenAsa!9OBQBLME9hg
Ikarus	Trojan.VB.Inject
MaxSecure	Worm.W32.Basun.ajp
Fortinet	W32/VBNA.G!tr
AVG	Win32:AutoRun-AYY [Wrm]
DeepInstinct	MALICIOUS
alibabacloud	Trojan

How to remove W32/Datunif-A?

W32/Datunif-A removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X