Should I remove “Adware.Generic.3023145”?

The Adware.Generic.3023145 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Adware.Generic.3023145 virus can do?

Behavioural detection: Executable code extraction – unpacking
Creates RWX memory
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Adware.Generic.3023145?


File Info:
name: 898948CF0615C608B1D7.mlw
path: /opt/CAPEv2/storage/binaries/561dcb72a83549871b33bf07fc3e50a3b69b5d4052f5c81cd4d269d7f656ce4b
crc32: A8646169
md5: 898948cf0615c608b1d7cf72986b624b
sha1: 7c462237cb4bdb76452a53d08b8c0113f368dacb
sha256: 561dcb72a83549871b33bf07fc3e50a3b69b5d4052f5c81cd4d269d7f656ce4b
sha512: cc6d146b6f702b4dcb59d2579afc5d94ab03420bb8717aff238ce9539275406486c14c32cdc65fdc566ed070eb497b290d6213f54cc63d8adb93afd2ae89e998
ssdeep: 1536:c3qRLK2Q0SJokJCpYQNttYt/63C0j9yK3jFVxT:lLPTXdiQXtr1ZfjF3T
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T133637E43EAD48076D0B3ABB42D35D5289B37BF652D74510E32ECBD9D6F27392840A392
sha3_384: e4270872b8d0ee346fc95d3b52c56998ff8794876c8fb91e3765d5d77f553dbc314a6d284482a24729c648094aad1009
ep_bytes: 558bec83c4c453565733c08945f08945
timestamp: 1992-06-19 22:22:17

Version Info:
Comments: This installation was built with Inno Setup.
CompanyName: Helafobeho                                                  
FileDescription: Lolitulu Setup                                              
FileVersion:                     
LegalCopyright: Installer Program                                                                                   
ProductName: Lolitulu                                                    
ProductVersion: 5.7                                               
Translation: 0x0000 0x04b0

Adware.Generic.3023145 also known as:

Lionic	Adware.Win32.DealPly.2!c
MicroWorld-eScan	Adware.Generic.3023145
FireEye	Generic.mg.898948cf0615c608
Cylance	Unsafe
K7AntiVirus	Adware ( 0058411c1 )
Alibaba	AdWare:Win32/InstallCore.a93641b9
K7GW	Adware ( 0058411c1 )
Symantec	PUA.InstallCore!g11
ESET-NOD32	Win32/InstallCore.Gen.A potentially unwanted
Kaspersky	not-a-virus:HEUR:AdWare.Win32.DealPly.gen
BitDefender	Adware.Generic.3023145
Ad-Aware	Adware.Generic.3023145
Sophos	Generic PUA HM (PUA)
McAfee-GW-Edition	BehavesLike.Win32.AdwareFileTour.kh
Emsisoft	Adware.Generic.3023145 (B)
GData	Adware.Generic.3023145
Gridinsoft	Ransom.Win32.Sabsik.sa
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
MAX	malware (ai score=69)
VBA32	Malware-Cryptor.2LA.gen
TrendMicro-HouseCall	TROJ_GEN.R002H09L721
Rising	Adware.InstallCore!1.AB2C (CLASSIC)
SentinelOne	Static AI – Suspicious PE
Fortinet	Riskware/InstallCore
MaxSecure	Trojan.Malware.300983.susgen

How to remove Adware.Generic.3023145?

Adware.Generic.3023145 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X