What is “Win32/Adware.HPDefender.EMM”?

The Win32/Adware.HPDefender.EMM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Adware.HPDefender.EMM virus can do?

Network activity detected but not expressed in API logs

How to determine Win32/Adware.HPDefender.EMM?


File Info:
crc32: EDC6E200
md5: 625ae5dcc71c0d53221c3abb0baacdc1
name: 625AE5DCC71C0D53221C3ABB0BAACDC1.mlw
sha1: b7846e4b3ea181c48d3f97e81c4590f3b604fa8f
sha256: df2d8afd3efaaa2a5b6bf8939e730d758040f11ff7efeb7e6b5de309f4583767
sha512: 14bcf0c7800daa91f1365defc96405b31829a9c55b6888b39a2b4958a94bfbaa5c249b8b7412570cde693151cf89ae1f685fe4cecf5152790af270f79f3e58c2
ssdeep: 12288:kJTofkfSBZFJ+dm7eQf4/Fe09D8DEp6V9QG9xG9rG9QG9pG9E19D19/19a19VR9:uofkWJ+hdqgnqbzPqlyTTrg5LmAQ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Win32/Adware.HPDefender.EMM also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 0055d5751 )
Lionic	Riskware.Win32.Hpdefender.1!c
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
Alibaba	AdWare:Win32/HPDefender.ef1c451b
K7GW	Trojan ( 0055d5751 )
Cybereason	malicious.b3ea18
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Adware.HPDefender.EMM
APEX	Malicious
Avast	FileRepMalware
Kaspersky	UDS:Trojan.Multi.GenericML.xnet
NANO-Antivirus	Riskware.Win32.HPDefender.fkstzp
Tencent	Win32.Risk.Adware.Wmja
Sophos	Generic PUA LH (PUA)
Comodo	ApplicUnwnt@#lo1z17v89s3s
F-Secure	Heuristic.HEUR/AGEN.1103346
BitDefenderTheta	Gen:NN.ZexaF.34170.jzW@aG8Q01n
McAfee-GW-Edition	BehavesLike.Win32.PUP.th
FireEye	Generic.mg.625ae5dcc71c0d53
SentinelOne	Static AI – Malicious PE
Avira	HEUR/AGEN.1103346
Antiy-AVL	GrayWare/Win32.Unwaders
Microsoft	Ransom:Win32/StopCrypt!ml
ZoneAlarm	UDS:DangerousObject.Multi.Generic
AhnLab-V3	Adware/Win32.HPDefender.C2896721
Acronis	suspicious
McAfee	Artemis!625AE5DCC71C
MAX	malware (ai score=99)
Malwarebytes	MachineLearning/Anomalous.100%
Panda	Trj/GdSda.A
Rising	Trojan.Generic@ML.90 (RDML:bGfqioQRbC53ZAvvHzirKg)
Yandex	PUA.HPDefender!OlbfOtL0640
Ikarus	PUA.HPDefender
Fortinet	Riskware/HPDefender
AVG	FileRepMalware
Paloalto	generic.ml

How to remove Win32/Adware.HPDefender.EMM?

Win32/Adware.HPDefender.EMM removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X