Adware.Somoto removal

The Adware.Somoto is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Adware.Somoto virus can do?

Sample contains Overlay data
Reads data out of its own binary image
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Adware.Somoto?


File Info:
name: 2ECFD1CECE4BF01FAE7E.mlw
path: /opt/CAPEv2/storage/binaries/0a58f1a4625bd39de6c5f7bf2e50adb9cd9bde96eb58ee61298769867e02c7ed
crc32: 46DCB899
md5: 2ecfd1cece4bf01fae7e212287102b25
sha1: ae4f80806c7b78f094fbc457aab89d2dead91881
sha256: 0a58f1a4625bd39de6c5f7bf2e50adb9cd9bde96eb58ee61298769867e02c7ed
sha512: a311496d34a5aaf1d9071bba20c90eb6fd38011bd5fdac60b6e60d00a288041253f4bb2c3d88d30f3eec8b1d0445133a490f4d405112dde6ccf44b29f2bd01b8
ssdeep: 1536:/QpQ5EP0ijnRTXJyh++YmXApBFIKb7cVPvF:/QIURTXJyh++NXApBOKQd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19063AE76E2C499EFC4BE41F105B2BB69CFB69F03226211CF53133B672835582952F266
sha3_384: 3b14a4056a304e230e26995979488427440cc555a28098072c9e07ab76db1e2a92a31b6f634fa8d3fdf56261fea5abb5
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-12-05 22:50:46

Version Info:
CompanyName: eType
FileDescription: Powered by BetterInstaller
FileVersion: 1.2.0.0
LegalCopyright: 
ProductName: eType
ProductVersion: 
Translation: 0x0000 0x04e4

Adware.Somoto also known as:

Bkav	W32.Common.C22017F4
Lionic	Adware.Win32.Somoto.2!c
Elastic	malicious (moderate confidence)
Skyhigh	BehavesLike.Win32.Dropper.lc
McAfee	Artemis!2ECFD1CECE4B
Malwarebytes	PUP.Optional.Somoto
K7AntiVirus	Riskware ( 0040eff71 )
K7GW	Riskware ( 0040eff71 )
DrWeb	Adware.Somoto.8
Varist	W32/S-21169fde!Eldorado
Antiy-AVL	GrayWare[AdWare]/Win32.BetterInternet
Microsoft	Trojan:Win32/Bitrep.B
Google	Detected
VBA32	Adware.Somoto
Cylance	unsafe
Rising	Adware.BetterInstaller/NSIS!1.DFA7 (CLASSIC)
MaxSecure	Not.a.virus.Trojan.BetterInstaller
DeepInstinct	MALICIOUS
CrowdStrike	win/grayware_confidence_100% (W)

How to remove Adware.Somoto?

Adware.Somoto removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X