
Win32/Adware.Virtumonde removal


Win32/Adware.Virtumonde is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Adware.Virtumonde virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Binary likely contains encrypted or compressed data
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • Anomalous binary characteristics

How to identify Win32/Adware.Virtumonde?


File Info:

crc32: 84D443EF
md5: 926da31c49db209b6e995dcc60bbcd5b
name: 926DA31C49DB209B6E995DCC60BBCD5B.mlw
sha1: 44efee14f04a00fb610c4e021e29cc88f8a54c32
sha256: 8e42276ea84002ea26763ec360c9ba7c6a4bc98b88cda87b3fbaa3fcf6d112e2
sha512: 20dedd17cb60a3a3e88357e0a03ee60fceb22bddb3a8deb2d8c051425407e57fd9f3688ccb731bb7f391dbc3f93eacdd9829bb93922afe27f77104cbf4e1e49a
ssdeep: 1536:PgTmqun/tDzlJnl2DDcNggvrUC3Utg0XsYAbqohcIwn8c9XymzImLuxDtI9VZk:PehqNhl8g9vgC3UGn2fIwn8cRymzIyoH
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32/Adware.Virtumonde also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Adware ( 004bc5671 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Virtumod.based.11
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Ransom.Xdata.11
Cylance: Unsafe
Zillya: Downloader.Injecter.Win32.42
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:Win32/Monder.fa0e5197
K7GW: Adware ( 004bc5671 )
Cybereason: malicious.c49db2
Cyren: W32/Virtumonde.W.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Adware.Virtumonde
APEX: Malicious
Avast: Win32:Akan [Inf]
ClamAV: Win.Trojan.Vundo-3768
Kaspersky: Trojan.Win32.Monder.gen
BitDefender: Gen:Variant.Ransom.Xdata.11
NANO-Antivirus: Trojan.Win32.Injecter.khlg
ViRobot: Trojan.Win32.Downloader.93184
SUPERAntiSpyware: Trojan.Agent/Gen-Vundo
MicroWorld-eScan: Gen:Variant.Ransom.Xdata.11
Tencent: Malware.Win32.Gencirc.10b4db1a
Ad-Aware: Gen:Variant.Ransom.Xdata.11
Sophos: ML/PE-A + Troj/Virtum-Gen
Comodo: Application.Win32.Adware.Virtumonde@azb3
BitDefenderTheta: AI:Packer.A3A6591F1E
VIPRE: Trojan.Win32.Monder.gen
TrendMicro: Mal_Vundo-31
McAfee-GW-Edition: BehavesLike.Win32.Vundo.nc
FireEye: Generic.mg.926da31c49db209b
Emsisoft: Gen:Variant.Ransom.Xdata.11 (B)
SentinelOne: Static AI – Malicious PE
Webroot: W32.Malware.Gen
Avira: TR/Vundo.Gen
eGambit: Unsafe.AI_Score_85%
Microsoft: Trojan:Win32/Vundo.AX
Arcabit: Trojan.Ransom.Xdata.11
AegisLab: Trojan.Win32.Generic.liEa
GData: Gen:Variant.Ransom.Xdata.11
AhnLab-V3: Trojan/Win32.Monder.R51151
Acronis: suspicious
McAfee: Vundo.gen.m
MAX: malware (ai score=100)
VBA32: BScope.Trojan.Monder
Malwarebytes: MachineLearning/Anomalous.100%
Panda: Malicious Packer
TrendMicro-HouseCall: Mal_Vundo-31
Rising: Trojan.DL.Win32.Undef.uc (CLASSIC)
Yandex: Trojan.GenAsa!g27jcRKFX70
Ikarus: PUA.Virtumonde
Fortinet: W32/Vundo.fam!tr
AVG: Win32:Akan [Inf]
Paloalto: generic.ml
Qihoo-360: Win32/Backdoor.Buterat.HxQB2nsA

How to remove Win32/Adware.Virtumonde?

Win32/Adware.Virtumonde removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
