Win32/Adware.Nieguide.AE information

Win32/Adware.Nieguide.AE is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Win32/Adware.Nieguide.AE virus do?

  • Dynamic (imported) function loading detected
  • Performs HTTP requests potentially not found in PCAP
  • HTTPS URLs from behavior
  • Unconventional language used in binary resources: Korean
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to identify Win32/Adware.Nieguide.AE?


File Info:

name: 41E28667070DB0F9D659.mlw
path: /opt/CAPEv2/storage/binaries/f4cd2a66cca4d1d9c69247df151d3ced0ed9f199454473278584bfdeeca79c7e
crc32: 38CAF2C1
md5: 41e28667070db0f9d6596a0b38a40dd3
sha1: 5c80965dcd61b5c9022ff94e5543f9ad56d90e99
sha256: f4cd2a66cca4d1d9c69247df151d3ced0ed9f199454473278584bfdeeca79c7e
sha512: cc0aaf0637911f452d9818a017b2f7fa1217c36192d99d25fdc435bc3a7dc8692b980245f652b43e75e830cb7744d41c0caf3ef1a0c880c14a4766267a5d890e
ssdeep: 1536:tpWAaQKqOqYYxkz2O/YYwWWYwYYYvZZZPZPZMZZZPZZzZZZZZkCit:tpWAXOqBxkz2O/YYwWWYwYYYF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F4240A9078164517E496C9334BAB29A5BB0DAF027F07EB7F824DBA5F7C71444EB02E18
sha3_384: 41141e737013448db6bbf808b6ff72b10c7c0523d49d22626d5e722df67cc76fdf82538d4525ee466c37e126e29753ed
ep_bytes: 558bec6aff6898a14000684a77400064
timestamp: 2017-08-04 07:09:17

Version Info:

Comments:
CompanyName: ebiz
FileDescription: ancamcorderupdate
FileVersion: 1, 0, 0, 1
InternalName: ancamcorderupdate
LegalCopyright: Copyright ⓒ 2013
LegalTrademarks:
OriginalFilename: ancamcorderupdate.exe
PrivateBuild:
ProductName: ebiz ancamcorderupdate
ProductVersion: 1, 0, 0, 1
SpecialBuild:
Translation: 0x0412 0x04b0

Win32/Adware.Nieguide.AE also known as:

Bkav: W32.AIDetect.malware2
Lionic: Riskware.Win32.Snojan.1!c
DrWeb: Trojan.DownLoader26.44307
MicroWorld-eScan: Adware.GenericKD.5813732
FireEye: Generic.mg.41e28667070db0f9
McAfee: Artemis!41E28667070D
Malwarebytes: Adware.KorAd
Sangfor: Adware.Win32.GenericKD.5813732
K7AntiVirus: Adware ( 00513bfc1 )
Alibaba: Downloader:Win32/Snojan.96caa579
K7GW: Adware ( 00513bfc1 )
Arcabit: Adware.Generic.D58B5E4
Cyren: W32/Nieguide.C.gen!Eldorado
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Adware.Nieguide.AE
TrendMicro-HouseCall: PUA_SNOJAN
Paloalto: generic.ml
Kaspersky: not-a-virus:Downloader.Win32.Snojan.byii
BitDefender: Adware.GenericKD.5813732
NANO-Antivirus: Trojan.Win32.Snojan.erselj
SUPERAntiSpyware: Adware.KorAd/Variant
Avast: Win32:Adware-gen [Adw]
Rising: Trojan.Generic@AI.83 (RDML:B9OvWE6mGl8WjD9wooRM/w)
Ad-Aware: Adware.GenericKD.5813732
Sophos: Generic ML PUA (PUA)
Zillya: Adware.Nieguide.Win32.200
TrendMicro: PUA_SNOJAN
Emsisoft: Adware.GenericKD.5813732 (B)
Ikarus: Win32.SuspectCrc
Jiangmin: Downloader.Snojan.sg
Webroot: W32.Adware.Gen
Avira: ADWARE/Adware.Gen
MAX: malware (ai score=100)
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: PWS:Win32/Zbot!ml
GData: Adware.GenericKD.5813732
Cynet: Malicious (score: 100)
VBA32: Downloader.Snojan
ALYac: Adware.GenericKD.5813732
APEX: Malicious
Tencent: Malware.Win32.Gencirc.11498d64
Yandex: PUA.Downloader!B+DwpS/NFPU
Fortinet: Riskware/Snojan
AVG: Win32:Adware-gen [Adw]
Cybereason: malicious.7070db
Panda: Trj/GdSda.A

How to remove Win32/Adware.Nieguide.AE?

Win32/Adware.Nieguide.AE removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
