Adware

What is “Win32/Adware.Kuaiba.C”?

Malware Removal

The Win32/Adware.Kuaiba.C is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Win32/Adware.Kuaiba.C virus can do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Reads data out of its own binary image
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine Win32/Adware.Kuaiba.C?



File Info:

crc32: EE9E515C
md5: f1fbdb9402a3702f59905ee36996fac8
name: Kuai8_GameManager_v4.2.7.7212.exe
sha1: 3c3026ab687e87bea843e8c3121a7054d0996392
sha256: e9443e90e92c139564d03592eea664717cc0bd384ccbef5fef724026fd5a1d9d
sha512: aa63ccdaa6df9eb0dad76938a61256f987c93ed9ea3ad62b287dce1ccf7e41bcc71b11c8228e074b80c741040beb7eb15d8a97f5b2b6275e49dcc4597067ff61
ssdeep: 196608:iBMINcoU5tto7Ln9Mrnand4fg65o0Hef35OL1714nt/SphW2X/:IMIND2W9Mund4Y65xHg88tabW2X/
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive


Version Info:

LegalCopyright: x7248x6743x6240x6709 (C)2013 x51e1x6e38x7f51x7edc
FileVersion: 4.2.7.7212
CompanyName: x51e1x6e38x7f51x7edc
SpecialBuild: 000000
Comments: x5febx5427x6e38x620f v4.2
ProductName: x5febx5427x6e38x620f
ProductVersion: 4.2.7.7212
FileDescription: x5febx5427x6e38x620f v4.2 x5b89x88c5x7a0bx5e8f
Translation: 0x0804 0x03a8

Win32/Adware.Kuaiba.C also known as:

MalwarebytesAdware.Kuaiba
K7GWAdware ( 004cda401 )
K7AntiVirusAdware ( 004cda401 )
BaiduWin32.Trojan.WisdomEyes.16070401.9500.9987
ESET-NOD32a variant of Win32/Adware.Kuaiba.C
AvastWin32:Adware-gen [Adw]
ClamAVWin.Downloader.84425-1
NANO-AntivirusTrojan.Nsis.DownLoader14.dusezc
Ad-AwareAdware.GenericKD.3676339
ComodoApplication.Win32.MeinV.AK
Invinceatrojan.win32.patched.ao
FortinetRiskware/Kuaiba
Antiy-AVLTrojan/Win32.TSGeneric
McAfeeArtemis!5846ED9DBB83
VBA32suspected of Trojan.Downloader.gen.h
RisingPUA.GMUnpackerInstaller!1.9C4F (classic)
IkarusWin32.Malware
AVGGeneric.3D8

How to remove Win32/Adware.Kuaiba.C?

Win32/Adware.Kuaiba.C removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment