Win32/Adware.Weiduan.J removal instructions

Win32/Adware.Weiduan.J is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Adware.Weiduan.J virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Win32/Adware.Weiduan.J?

File Info:

name: 28CB1DBA3DBD6340A0FA.mlw
path: /opt/CAPEv2/storage/binaries/968fe0f14940c989a187986ba1b061357a3ac5a2b07b50d66d36a3786b0fdf35
crc32: BCA9EE69
md5: 28cb1dba3dbd6340a0faae01dd6d2da1
sha1: 5f746a73f3c90de1ec2078579ed27df0442aa132
sha256: 968fe0f14940c989a187986ba1b061357a3ac5a2b07b50d66d36a3786b0fdf35
sha512: dce226f34c63cc0e1fff3045e5cda539ef32c5ce05980211d8ce407771ef44ddf10d94a2a617ffb2e73307630010d422bf198f29e3cc8d9dd18c16ff43941357
ssdeep: 1536:g0DdKH9MMTkUNTKQqvvlpgwy/YpfOr4j7e+5l6e:3Dd4JoUN2lpgH/YpfOrx+5lB
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T113C30725B680817BE4D708765DE915F456E4BC2003C904F7B9822FFE8D3A3E6A93A15F
sha3_384: c25e7ee5f4ef45983a569c5151fb9a5e3a321e125634f72757843cf1a2f79582e3f0343ee5f5a8b9f4c9129c097585a0
ep_bytes: e9f1ec0000e980fe0000e9d7da0000e9
timestamp: 2016-12-26 07:51:17

Version Info:

FileDescription: Setup/Uninstall
FileVersion: 1.0.0.0
InternalName: Uninstall.exe
OriginalFilename: Uninstall.exe
ProductName: Uninstall.exe
ProductVersion: 1.0.0.0
Translation: 0x0804 0x04b0

Win32/Adware.Weiduan.J also known as:

AVG: Win32:Adware-gen [Adw]
Elastic: malicious (high confidence)
Skyhigh: BehavesLike.Win32.Generic.cm
McAfee: GenericRXCF-XZ!28CB1DBA3DBD
Cylance: unsafe
Sangfor: Trojan.Win32.Heuristic.rg
CrowdStrike: win/grayware_confidence_90% (D)
Symantec: Adware.GAIN
ESET-NOD32: a variant of Win32/Adware.Weiduan.J
APEX: Malicious
NANO-Antivirus: Riskware.Win32.Weiduan.euwrpo
Avast: Win32:Adware-gen [Adw]
Tencent: Malware.Win32.Gencirc.10b64ee0
Emsisoft: Application.Generic (A)
F-Secure: Adware.ADWARE/Weiduan.ubmed
Sophos: Generic Reputation PUA (PUA)
Ikarus: PUA.Weiduan
Avira: ADWARE/Weiduan.ubmed
Antiy-AVL: Trojan/Win32.TSGeneric
AhnLab-V3: PUP/Win32.Weiduan.R284167
Malwarebytes: Hupigon.Backdoor.Bot.DDS
Rising: Trojan.Generic@AI.82 (RDMK:W/b2OLgpo+awE8M+JliQhw)
Yandex: Trojan.GenAsa!aaHo5Hk3Bhw
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Riskware/Weiduan

How to remove Win32/Adware.Weiduan.J?

Win32/Adware.Weiduan.J removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
