Win32/XYLauncher.B potentially unwanted removal

The Win32/XYLauncher.B potentially unwanted application is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/XYLauncher.B potentially unwanted virus do?

  • Presents an Authenticode digital signature
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Win32/XYLauncher.B potentially unwanted?

File Info:

crc32: 6FA29F4B
md5: 582210c68628ece94a76eb0de896f2dd
name: __________________.exe
sha1: 1d2f7d57356f8efa3771ea4f848136a4fcdda50b
sha256: 04b0a4e871346543da6d274ecf160273ec46d508103e89fdba6d023cda4d49a6
sha512: 114336510de46d505f26da29dc4065e43c66165a52a89b2485ac8657f182c40222ceba93ba7bab49959b6df78a4227094fec8c422d993c7df197c235d188f581
ssdeep: 49152:JZcaJCbw5y9O+AAn+r0tJLU3m4eUcE24xa2EJ4TPhdL/m0Hg32JH:NJEx9AAn+CVU3m4nFE2dhdicf
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

LegalCopyright: Copyright (C) 2015-2016 上海欣烁网络科技有限公司
InternalName: 蓝月传奇.exe
FileVersion: 1.0.0.1
CompanyName: 上海欣烁网络科技有限公司
ProductName: 蓝月传奇安装包
ProductVersion: 1.0.0.1
FileDescription: 蓝月传奇安装包
OriginalFilename: 蓝月传奇.exe
Translation: 0x0804 0x03a8

Win32/XYLauncher.B potentially unwanted also known as:

McAfee: Artemis!7453609A3DD4
Invincea: heuristic
BitDefenderTheta: Gen:NN.ZexaF.34136.xw1@aOMj0sej
APEX: Malicious
Ikarus: PUA.XYLauncher
Microsoft: PUA:Win32/Youxun
ESET-NOD32: a variant of Win32/XYLauncher.B potentially unwanted
Rising: Malware.Heuristic!ET (CLOUD)

How to remove Win32/XYLauncher.B potentially unwanted?

Win32/XYLauncher.B potentially unwanted removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
