
Adware:Win32/loderka removal tips


Adware:Win32/loderka is Microsoft's detection name for the sample analysed below: an Inno Setup installer whose version resource claims to be a Rockstar Games setup for Grand Theft Auto San Andreas The Definitive Edition, but whose Authenticode signature is invalid. Most of the engines listed further down classify it as adware or a potentially unwanted application (PUA). When it is active you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and can damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal: it lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Adware:Win32/loderka sample do?

  • Behavioural detection: executable code extraction (unpacking)
  • Sample contains overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name, indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the "shellcode get eip" pattern (position-independent code locating its own address, e.g. via call/pop)
  • Yara detections observed in process dumps, payloads or dropped files

Several of these are expected of any Inno Setup installer (the Version Info below states the sample was built with Inno Setup): the compressed setup data lives in the overlay, the setup stub reads it back out of its own image at run time, and an installer by nature drops and executes files. The stronger signals are the invalid Authenticode signature on a file claiming to be a Rockstar Games setup, the packer-like section name, and the Yara hits on dumped payloads; the vendor names below (for example Ikarus: PUA.INNO.RePack) point to a repackaged installer that most engines classify as adware.

How to identify Adware:Win32/loderka

File Info:

name: EF270B4CD184DC45C142.mlw
path: /opt/CAPEv2/storage/binaries/60c545dedf28a8eeac8a7d66ae6c462291794f5ca0da73e1667075a5e694561e
crc32: 6D5276DF
md5: ef270b4cd184dc45c1428ecf353599b0
sha1: 7a95220c51dc94a8ec422155e83e78907c27a695
sha256: 60c545dedf28a8eeac8a7d66ae6c462291794f5ca0da73e1667075a5e694561e
sha512: 30e541a6a3a593c4e9d81145ab3759af707ed1ae7597e5a35ebc14451093bd2768310c0b854a7d1c248fba074005adab85f8808314aa1856d7425c1fcb0ff9d3
ssdeep: 49152:dAMV0tMmC7Jzzlplj4NhWOMcbo9DOc2ByC8e4y/Ai:Iq/JzzDd4N8OMciDV83
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T162A51242FBC24076E5651E788865C1B46F06BCA86AE1114F7DF8FE4F3EB82C25C3A591
sha3_384: 0e51f24fb31eba98a4dd92c2a4a3792ac99f8b6abfe9e529c5a3be9a3823038b2692b27346dc0e16998c56cff2e88ec0
ep_bytes: 558bec83c4a453565733c08945c48945
timestamp: 2012-10-02 05:04:04

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: Rockstar Games, Grove Street Games
FileDescription: Setup For Grand Theft Auto San Andreas The Definitive Editio
FileVersion: 1.0.04
LegalCopyright: © Rockstar Games, Grove Street Games
ProductName: Grand Theft Auto San Andreas The Definitive Edition
ProductVersion: 1.17.3794
Translation: 0x0000 0x04b0
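The File Info block above is what an analyst actually matches on: the hashes, the compile timestamp, the entry-point bytes, the overlay and the section names. As an added example (not code from GridinSoft or from the CAPE report), the following Python script reproduces those header-level checks with the standard library only: it hashes a file for comparison with the published sha256, reads the timestamp and the first 16 entry-point bytes from the PE headers, flags section names outside the set a Delphi/Inno Setup or MSVC build normally carries, and measures the overlay (the region after the last section, where Inno Setup stores its compressed setup data). The `KNOWN_SECTIONS` set is my own heuristic, and `build_sample` constructs a tiny, non-runnable PE32 purely so the script works offline; the sample's timestamp and entry-point bytes are copied from the report, but its hashes are not the report's, so the IOC match comes out false. To triage a real file, pass `open(path, "rb").read()` to `triage`.

```python
"""Header-level triage of a PE32 file against the indicators above.

Standard library only. Parses the DOS, COFF, optional and section
headers; recovers compile timestamp and entry-point bytes; flags
non-standard section names; measures overlay data; hashes the file
for IOC comparison.
"""
import hashlib
import struct
from datetime import datetime, timezone

# Section names a Delphi/Inno Setup or MSVC build normally carries.
# Heuristic (assumption): anything else is reported as a packing indicator.
KNOWN_SECTIONS = {
    ".text", ".data", ".rdata", ".idata", ".edata", ".rsrc", ".reloc",
    ".bss", ".tls", ".pdata", ".CRT", "CODE", "DATA", "BSS", ".itext",
    ".didata",
}


def parse_pe(data: bytes) -> dict:
    """Return a triage summary for a PE32 image; ValueError if it is not one."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("not a PE32 (32-bit) image")
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]
    sections = []
    for i in range(nsec):
        f = struct.unpack_from("<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": f[0].rstrip(b"\0").decode("latin-1"),
                         "vsize": f[1], "va": f[2], "rawsize": f[3], "rawptr": f[4]})
    # Map the entry-point RVA to a file offset and take the first 16 bytes.
    ep_bytes = b""
    for s in sections:
        if s["va"] <= entry_rva < s["va"] + max(s["vsize"], s["rawsize"]):
            off = s["rawptr"] + (entry_rva - s["va"])
            ep_bytes = data[off:off + 16]
            break
    # Overlay: bytes after the last byte any section claims on disk.
    end = max((s["rawptr"] + s["rawsize"] for s in sections), default=len(data))
    return {
        "machine": machine,
        "timestamp_utc": datetime.fromtimestamp(ts, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "entry_rva": entry_rva,
        "ep_bytes": ep_bytes.hex(),
        "sections": [s["name"] for s in sections],
        "nonstandard_sections": [s["name"] for s in sections if s["name"] not in KNOWN_SECTIONS],
        "overlay_size": max(0, len(data) - end),
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def triage(data: bytes, known_sha256: set) -> dict:
    """parse_pe() plus a flag for an exact match against published sha256 IOCs."""
    report = parse_pe(data)
    report["ioc_match"] = report["sha256"] in known_sha256
    return report


def build_sample(overlay: bytes = b"", timestamp: int = 0) -> bytes:
    """Constructed, non-runnable PE32 used only so the example works offline."""
    ep = bytes.fromhex("558bec83c4a453565733c08945c48945")  # ep_bytes from the report
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                    # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, timestamp, 0, 0, 224, 0x0102)
    opt = bytearray(224)                                        # PE32 optional header size
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                     # AddressOfEntryPoint
    struct.pack_into("<III", opt, 28, 0x400000, 0x1000, 0x200)  # ImageBase, SectionAlign, FileAlign

    def sect(name, va, rawptr):
        return struct.pack("<8sIIIIIIHHI", name, 0x200, va, 0x200, rawptr, 0, 0, 0, 0, 0x60000020)

    headers = (bytes(dos) + b"PE\0\0" + coff + bytes(opt)
               + sect(b".text", 0x1000, 0x200) + sect(b".xyz1", 0x2000, 0x400)).ljust(0x200, b"\0")
    text = ep.ljust(0x200, b"\xcc")        # entry point lands at file offset 0x200
    return headers + text + bytes(0x200) + overlay


# Constructed sample: report's timestamp, a packer-like ".xyz1" section and a fake overlay.
SAMPLE_TS = int(datetime(2012, 10, 2, 5, 4, 4, tzinfo=timezone.utc).timestamp())
SAMPLE = build_sample(overlay=b"INNO-SETUP-PAYLOAD-PLACEHOLDER", timestamp=SAMPLE_TS)
REPORT = triage(SAMPLE, {"60c545dedf28a8eeac8a7d66ae6c462291794f5ca0da73e1667075a5e694561e"})

if __name__ == "__main__":
    for key, value in REPORT.items():
        print(f"{key}: {value}")
```

Note that hash matching only catches this exact build; a repacked installer with a different overlay will hash differently, which is why the timestamp, entry-point prologue, section layout and overlay size are worth recording alongside the hashes.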

Adware:Win32/loderka also known as:

  • Elastic: malicious (high confidence)
  • Cylance: unsafe
  • Sangfor: Adware.Win32.Loderka.V1y4
  • Symantec: PUA.Gen.2
  • ESET-NOD32: a variant of Win32/Adware.Loderka.P
  • F-Secure: Adware.ADWARE/Loderka.FM
  • Sophos: Generic Reputation PUA (PUA)
  • Google: Detected
  • Avira: ADWARE/Loderka.FM
  • Microsoft: Adware:Win32/loderka
  • Cynet: Malicious (score: 100)
  • Tencent: Win32.Risk.ADWARE.Mgil
  • Ikarus: PUA.INNO.RePack
  • Fortinet: PossibleThreat.PALLAS.M
  • DeepInstinct: MALICIOUS

How to remove Adware:Win32/loderka?

Adware:Win32/loderka removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a "Standard scan".
  • "Move to quarantine" all detected items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the browser and the options to reset, then click "Reset".
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
