Win64/Adware.OpenSUpdater.AW malicious file

Win64/Adware.OpenSUpdater.AW is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win64/Adware.OpenSUpdater.AW virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Win64/Adware.OpenSUpdater.AW?

File Info:

name: 858CE5EF2B6973679897.mlw
path: /opt/CAPEv2/storage/binaries/73c5e16716302c6d6ed15925212a4d598eed4d54cd52f21dfd932c9a7b17fb50
type: PE32+ executable (console) x86-64, for MS Windows
timestamp: 2021-03-15 08:54:11

Version Info:

CompanyName: PowerBits Inc
FileDescription: PowerBits
FileVersion: 2.0.7.8
InternalName: powerbits
LegalCopyright: PowerBits Inc 2021
OriginalFilename: powerbits.exe
ProductName: PowerBits
ProductVersion: 2.0.7.8
Translation: 0x0409 0x04b0

Win64/Adware.OpenSUpdater.AW is also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericKD.50296355
FireEye: Trojan.GenericKD.50296355
McAfee: Artemis!858CE5EF2B69
Cylance: unsafe
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win64/Adware.OpenSUpdater.AW.gen
APEX: Malicious
BitDefender: Trojan.GenericKD.50296355
Emsisoft: Trojan.GenericKD.50296355 (B)
F-Secure: Heuristic.HEUR/AGEN.1304353
VIPRE: Trojan.GenericKD.50296355
McAfee-GW-Edition: Artemis
Sophos: Generic Reputation PUA (PUA)
GData: Trojan.GenericKD.50296355
Webroot: W32.Trojan.GenKD
Avira: HEUR/AGEN.1304353
Arcabit: Trojan.Generic.D2FF7623
ALYac: Trojan.GenericKD.50296355
MAX: malware (ai score=86)
Malwarebytes: Adware.SpecialSearchOffer
Rising: Adware.OpenSUpdater!8.C9C (CLOUD)
Ikarus: AdWare.Opensupdater
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_90% (W)

How to remove Win64/Adware.OpenSUpdater.AW?

Win64/Adware.OpenSUpdater.AW removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
