Categories: Adware

Win32/Adware.Genius.F malicious file

The Win32/Adware.Genius.F is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Adware.Genius.F virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Creates RWX memory
Guard pages use detected – possible anti-debugging.
Dynamic (imported) function loading detected
Reads data out of its own binary image
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Installs itself for autorun at Windows startup

How to determine Win32/Adware.Genius.F?


File Info:
name: 7440425DA4AF2D093353.mlwpath: /opt/CAPEv2/storage/binaries/2ee81d94d039bea16a46006be1ba7025d0ee39aa5203330132532b9411c3abc2crc32: E219092Dmd5: 7440425da4af2d093353e4ac3bf5ee94sha1: 9e0ca5445062a1fd243ec095fe708846c870dcffsha256: 2ee81d94d039bea16a46006be1ba7025d0ee39aa5203330132532b9411c3abc2sha512: dbd4d2a336b6641314601d75dab7bd862c50c5816fe94830531bcaa4b953ece26a331a83cf13b42cbce35da6354e390a188940c468c6c2cf2e030c83e835b9d2ssdeep: 6144:VGlEhSMl9o1yVzuMB9gX9xjiijiBjxzJzU/:VGlEhTl9oyVqMB949liijiV1JzUtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T184A48B346EEA203AB573AB7CCAE0359AA95E77E337075C9D10B602CA07279439DC153Dsha3_384: bd12247dfca90789106833d8b284230ddfc0f131b3217bef9a5259b4dbcf615ee59f28950886e0109c2012100dbf7a41ep_bytes: ff250020400000000000000000000000timestamp: 2012-12-26 04:10:52
Version Info:
Translation: 0x0000 0x04b0CompanyName: MicrosoftFileDescription: InstallerFileVersion: 1.0.0.0InternalName: Installer.exeLegalCopyright: Copyright © Microsoft 2012OriginalFilename: Installer.exeProductName: InstallerProductVersion: 1.0.0.0Assembly Version: 1.0.0.0

Win32/Adware.Genius.F also known as:

Bkav	W32.AIDetectNet.01
MicroWorld-eScan	Trojan.MSIL.Basic.6.Gen
ALYac	Trojan.MSIL.Basic.6.Gen
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Adware ( 004e779f1 )
Alibaba	AdWare:Win32/Genius.b109f2c2
K7GW	Adware ( 004e779f1 )
Cybereason	malicious.da4af2
Cyren	W32/GenTroj.BQ.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Adware.Genius.F
APEX	Malicious
ClamAV	Win.Adware.Agent-1344768
Kaspersky	not-a-virus:HEUR:AdWare.MSIL.Generic
BitDefender	Trojan.MSIL.Basic.6.Gen
NANO-Antivirus	Trojan.Win32.Genius.dkgbmh
Avast	Win32:Adware-ADO [Adw]
Tencent	Malware.Win32.Gencirc.114cd10c
Ad-Aware	Trojan.MSIL.Basic.6.Gen
Emsisoft	Trojan.MSIL.Basic.6.Gen (B)
Comodo	TrojWare.MSIL.Skeeyah.KSF@7fch4w
DrWeb	Trojan.DownLoader7.56436
McAfee-GW-Edition	PUP-XAC-VJ
FireEye	Generic.mg.7440425da4af2d09
Sophos	Generic PUA JO (PUA)
Ikarus	Trojan-Dropper.MSIL
GData	Trojan.MSIL.Basic.6.Gen
Jiangmin	DangerousObject.Multi.dst
Avira	TR/Dropper.MSIL.Gen
Arcabit	Trojan.MSIL.Basic.6.Gen
Microsoft	Trojan:Win32/Ymacco
Cynet	Malicious (score: 99)
AhnLab-V3	Trojan/Win32.Agent.C204477
Acronis	suspicious
McAfee	PUP-XAC-VJ
MAX	malware (ai score=99)
Rising	Trojan.Generic/MSIL@AI.100 (RDM.MSIL:+MI15tWZC4M/6DwTDZQREQ)
Yandex	PUA.Genius!A4fz8Ifo3XU
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Dropper.FO!tr
BitDefenderTheta	AI:Packer.48E2FB681F
AVG	Win32:Adware-ADO [Adw]
Panda	Generic Malware
CrowdStrike	win/malicious_confidence_100% (D)