not-a-virus:HEUR:Downloader.Win32.Wajam.gen

not-a-virus:HEUR:Downloader.Win32.Wajam.gen is also known as Riskware ( 0040eff71 ), PE:Malware.Generic(Thunder)!1.A1C4 [F], and Application.Win32.Wajam.BA.

Malware Analysis of not-a-virus:HEUR:Downloader.Win32.Wajam.gen – UWHZLU.DLL

Created files:

%Program Files%\WajaNetEn\waaaghs
%Program Files%\WajaNetEn\wajam.ico
%Program Files%\WajaNetEn\WajaNetEnlibs\uwhzlu.dll
%SysDir%\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
%SysDir%\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof

Autostart registry keys:

HKLM\Software\Google\Chrome\Extensions\ibipigkkmpjlklbnjkkkdgihkmejfffe\update_url: "https://clients2.google.com/service/update2/crx"
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SystemHealer\DisplayName: "System Healer"
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SystemHealer\UninstallString: "%Program Files%\SystemHealer\Uninstaller.exe"
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B023AAEF-C0D5-4949-95CE-86AF1603AD1F}_is1\DisplayName: "Music Downloader Guru 8.6"
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B023AAEF-C0D5-4949-95CE-86AF1603AD1F}_is1\UninstallString: ""%Local Appdata%\YouTubeDownloaderGuru\unins000.exe""
HKLM\System\CurrentControlSet\Services\WajaNetEn Monitor\ImagePath: ""%Program Files%\WajaNetEn\a8401a66162912b3a493200536f05760.exe""
HKLM\System\CurrentControlSet\Services\WajaNetEn Monitor\DisplayName: "WajaNetEn Monitor"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\GoogleChromeAutoLaunch_1D779E6F1F1A75C4ED2C2669C0FDD24A: ""%Program Files%\Google\Chrome\Application\chrome.exe" --no-startup-window"

Detected by UnHackMe:

UWHZLU.DLL
Default location: %PROGRAM FILES%\WAJANETEN\WAJANETENLIBS\UWHZLU.DLL

Dropper hash(md5): ba53f8b3a56396db40cb42e8ec1aff20

Written by Malware Hunter.
