BScope.Adware.Neoreklami removal guide

The BScope.Adware.Neoreklami is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What BScope.Adware.Neoreklami virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine BScope.Adware.Neoreklami?


File Info:
name: 9F04ED25219A8C4FBBA4.mlw
path: /opt/CAPEv2/storage/binaries/e28bff7e8c7913ee879d68506bafaa1c03a4699d6ca3cf94434f66ad802a8c32
crc32: EC9EC684
md5: 9f04ed25219a8c4fbba4eedfbd6b8a1f
sha1: a7ddda9d71486c9a27fdf9055bd3d8051d03911c
sha256: e28bff7e8c7913ee879d68506bafaa1c03a4699d6ca3cf94434f66ad802a8c32
sha512: 1f4fef1925fddeae4f57e391e82c27e22878a4b55cd0212f6e19ee8d8e537cf3c8b13e56fdcfe1ce7282dd53db27288cd029edec8ae1474dfea0265fe0e67d4c
ssdeep: 12288:K4VpoDZYuN0NTe++Kl2HdHd73TwEPjQEE6k:K4GcS++ao5DwLE1k
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T101A48D217A92C076C27342715E98F7A855FEBF705922474B37D82F4E2FB05C2B636262
sha3_384: aac1f812eba195a75f0a7b6f16360c5ee882fde2584123a7f01b3571bec8c62142f310379c9340b6fde21f58f22c92d6
ep_bytes: e863260100e97ffeffff558bec83ec20
timestamp: 2018-10-25 15:54:16

Version Info:
0: [No Data]

BScope.Adware.Neoreklami also known as:

Bkav	W32.AIDetect.malware1
Lionic	Adware.Win32.Neoreklami.2!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Mikey.113630
FireEye	Generic.mg.9f04ed25219a8c4f
McAfee	PUP-XBV-NT
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Adware ( 0054396e1 )
Alibaba	AdWare:Win32/Neoreklami.5226dd22
K7GW	Adware ( 0054396e1 )
Cybereason	malicious.5219a8
BitDefenderTheta	Gen:NN.ZexaF.34182.BuW@a09qFBbi
Cyren	W32/S-957aa147!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Adware.Neoreklami.GX
TrendMicro-HouseCall	TROJ_GEN.R002C0OAV22
Paloalto	generic.ml
Kaspersky	not-a-virus:HEUR:AdWare.Win32.Neoreklami.vho
BitDefender	Gen:Variant.Mikey.113630
NANO-Antivirus	Riskware.Win32.Neoreklami.foepit
Avast	Win32:Adware-gen [Adw]
Tencent	Win32.Adware.Neoreklami.Hufk
Emsisoft	Gen:Variant.Mikey.113630 (B)
Comodo	ApplicUnwnt@#2z9w1rtnin4nl
F-Secure	Heuristic.HEUR/AGEN.1106534
Zillya	Adware.Neoreklami.Win32.7943
TrendMicro	TROJ_GEN.R002C0OAV22
McAfee-GW-Edition	BehavesLike.Win32.Multiplug.gh
Sophos	Generic PUA KH (PUA)
Ikarus	PUA.Neoreklami
Jiangmin	AdWare.Neoreklami.bra
Webroot	W32.Adware.Gen
Avira	HEUR/AGEN.1106534
Antiy-AVL	GrayWare[AdWare]/Win32.Neoreklami
Gridinsoft	Ransom.Win32.Occamy.sa
Microsoft	Trojan:Win32/Occamy.CE2
ZoneAlarm	not-a-virus:HEUR:AdWare.Win32.Neoreklami.vho
GData	Gen:Variant.Mikey.113630
Cynet	Malicious (score: 100)
AhnLab-V3	PUP/Win32.Neoreklami.C2083440
VBA32	BScope.Adware.Neoreklami
ALYac	Gen:Variant.Mikey.113630
MAX	malware (ai score=100)
Malwarebytes	Adware.Neoreklami.TskLnk
APEX	Malicious
Rising	Trojan.Wacatac!8.10C01 (CLOUD)
Yandex	Trojan.GenAsa!pp/nDic7Q1c
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.12179147.susgen
Fortinet	W32/Neoreklami.GX!tr
AVG	Win32:Adware-gen [Adw]
Panda	Trj/GdSda.A
CrowdStrike	win/grayware_confidence_100% (D)

How to remove BScope.Adware.Neoreklami?

BScope.Adware.Neoreklami removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X