Adware.InstallRex removal

The Adware.InstallRex is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Adware.InstallRex virus can do?

Executable code extraction
Presents an Authenticode digital signature
A process attempted to delay the analysis task.
Reads data out of its own binary image
The binary likely contains encrypted or compressed data.
Behavior consistent with a dropper attempting to download the next stage.
Creates a hidden or system file
Anomalous binary characteristics

Related domains:

r1.reportbox4.info

c1.installbox4.info

r2.monitorbox4.info

c2.monitorbox4.info

How to determine Adware.InstallRex?


File Info:
crc32: 6B7FBB17
md5: b0fd34b5c05ecd1dd386a52bb16634c0
name: B0FD34B5C05ECD1DD386A52BB16634C0.mlw
sha1: 6a0a119a8f340c80a5403ba610e432c4a47763a8
sha256: 0defd0d126d475206759747c9bd0a44b02dddf5e3ece16183b0f0128408bacee
sha512: fcb91fc461de0028b419ebbc4ef559708629dcea4f85378755d1b45c5c032b7efaef26291f9406c60cfa085baa5eb080e38f7a5110bff1ec40a59ce93a2ecff1
ssdeep: 6144:6rnD9UarEuMEvjr24HtrxTUGFVENR4Uk0r73EKntOIPrEfxr1:6rnD9jEsX2utrxAG7ENR1k0rBntO2M1
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright xa9 2012 CLSoft LTD
ProductCode: C7FF08EC-CA52-4870-8A74-26E5A99CBA36
InternalName: TSULoader
FileVersion: 2013.1.16.1930
SpecialBuild: 
CompanyName: CLSoft LTD
PackageCode: 4E919E0F-94A5-4F2D-ADC6-DC879572BCF9
Comments: WinNT (x86) Unicode Lib Rel
ProductName: CLSoft
ProductVersion: 1.0
FileDescription: Installer
WebSite: 
Email: 
OriginalFilename: TSULoader.exe
Arguments: /x
Translation: 0x0000 0x04b0

Adware.InstallRex also known as:

Bkav	W32.FamVT.AntiFWK.Trojan
Elastic	malicious (high confidence)
FireEye	Generic.mg.b0fd34b5c05ecd1d
CAT-QuickHeal	Trojan.Installmate
Qihoo-360	Win32/Virus.Downloader.017
McAfee	Artemis!B0FD34B5C05E
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Unwanted-Program ( 004a9d671 )
K7GW	Unwanted-Program ( 004a9d671 )
Cyren	W32/InstallRex.VIYB-2842
Symantec	Trojan.Gen.2
ESET-NOD32	Win32/InstalleRex.E potentially unwanted
Baidu	Win32.Adware.AdLoad.a
APEX	Malicious
Avast	FileRepMalware [PUP]
ClamAV	Win.Trojan.Antifw-173
Kaspersky	not-a-virus:HEUR:Downloader.Win32.AdLoad.u
Alibaba	Downloader:Win32/AdLoad.31b44def
NANO-Antivirus	Riskware.Win32.Adw.cwjqhm
Emsisoft	Application.Downloader (A)
Comodo	Application.Win32.InstalleRex.KG@541u1h
DrWeb	Adware.Downware.851
McAfee-GW-Edition	Artemis
Sophos	InstallRex (PUA)
Ikarus	not-a-virus:RiskTool.Win32.SoSafe
Antiy-AVL	Trojan[Backdoor]/Win32.Clack
Microsoft	PUA:Win32/InstallMate
SUPERAntiSpyware	PUP.InstallerRex/Variant
AhnLab-V3	PUP/Win32.InstallMate.R351920
ZoneAlarm	not-a-virus:HEUR:Downloader.Win32.InstallMate.gen
GData	Win32.Application.InstalleRex.E
Cynet	Malicious (score: 100)
VBA32	Adware.Downware
TACHYON	Trojan/W32.AntiFW.321544
Malwarebytes	Adware.InstallRex
TrendMicro-HouseCall	TROJ_GEN.R002H0CA921
Rising	PUF.InstalleRex!1.C113 (CLASSIC)
Yandex	PUA.InstalleRex!z8R9VlG7QQ0
SentinelOne	Static AI – Malicious PE – Adware
eGambit	Trojan.Generic
Fortinet	Riskware/InstalleRex
AVG	FileRepMalware [PUP]
CrowdStrike	win/malicious_confidence_60% (D)
MaxSecure	not-a-virus:Downloader.Adload.u

How to remove Adware.InstallRex?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.