Win32/Wapomi.O removal tips

The Win32/Wapomi.O is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Wapomi.O virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Network activity detected but not expressed in API logs

How to determine Win32/Wapomi.O?


File Info:
crc32: 5AC8C5BB
md5: 3150b49cc59d7220e6c0d168be3e213d
name: 3150B49CC59D7220E6C0D168BE3E213D.mlw
sha1: d65cc3e101dd9cc647f0b158ba6edf42321af084
sha256: 5b737ec7357788fea15b93af36997bbbca7edab372bdc8db9730625644f848a2
sha512: c83b2cc22db8628653dcad0538f2ea0e160ab7c151e6bb63f20e36b87614760dc55505ca189d2f6fd5eec7d9124095cef01db9d740250a3248bf1471782c1e38
ssdeep: 24576:wI7akiZGNVUFN9czGjjgb1DbqNkMP4bje7YE:ldzRb1mibiB
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright xa9 2007-2012 Tencent. All Rights Reserved.
InternalName: QQPYLiveup
FileVersion: 4.5.2017.400
CompanyName: Tencent
Comments: 2013-1-8 16:56:15
ProductName: QQx62fcx97f3x8f93x5165x6cd5 x5347x7ea7x5de5x5177 4.5
ProductVersion: 4.5.2017.400
FileDescription: QQx62fcx97f3x8f93x5165x6cd5 x5347x7ea7x5de5x5177 4.5
OriginalFilename: QQPYLiveup.exe
Translation: 0x0804 0x04b0

Win32/Wapomi.O also known as:

K7AntiVirus	Riskware ( 0040eff71 )
Lionic	Virus.Win32.Qvod.lm34
Elastic	malicious (high confidence)
DrWeb	Trojan.AVKill.35064
ALYac	Trojan.GenericKD.31008925
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
Alibaba	Trojan:Win32/KillAV.f15b6662
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.cc59d7
Baidu	Win32.Virus.Wapomi.a
Cyren	W32/S-0735c93d!Eldorado
Symantec	W32.Wapomi!inf
ESET-NOD32	Win32/Wapomi.O
APEX	Malicious
Avast	Win32:GenMalicious-GXM [Trj]
ClamAV	Win.Virus.Parite-7134135-0
Kaspersky	Trojan.Win32.KillAV.gvv
BitDefender	Trojan.GenericKD.31008925
NANO-Antivirus	Trojan.Win32.Tufik.ffjowe
MicroWorld-eScan	Trojan.GenericKD.31008925
Tencent	Virus.Win32.Qvod.aaf
Ad-Aware	Trojan.GenericKD.31008925
Comodo	Malware@#1i0rz91bq4lak
BitDefenderTheta	Gen:NN.ZexaF.34170.qK2baK932ybb
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Cryp_Odra
McAfee-GW-Edition	W32/Fujacks.cm
FireEye	Trojan.GenericKD.31008925
Emsisoft	Trojan.GenericKD.31008925 (B)
Kingsoft	Win32.Heur.KVM009.a.(kcloud)
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Trojan.GenericKD.31008925
TACHYON	Trojan/W32.KillAV.1228800
McAfee	Artemis!3150B49CC59D
MAX	malware (ai score=98)
VBA32	Trojan.KillAV
Malwarebytes	Nimnul.Virus.FileInfector.DDS
Panda	Trj/CI.A
TrendMicro-HouseCall	Cryp_Odra
Yandex	Trojan.GenAsa!2imy4SSOn/w
Ikarus	Win32.Jadtre
MaxSecure	Virus.W32.Qvod.F
Fortinet	W32/Qvod.BE!tr
AVG	Win32:GenMalicious-GXM [Trj]

How to remove Win32/Wapomi.O?

Win32/Wapomi.O removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X