Downloader.Win32.AdLoad.pwan malicious file

Downloader.Win32.AdLoad.pwan is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Downloader.Win32.AdLoad.pwan virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Sniffs keystrokes
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Attempts to interact with an Alternate Data Stream (ADS)

Related domains:

installer.betterinstaller.com

How to determine Downloader.Win32.AdLoad.pwan?


File Info:

crc32: DACA9A06
md5: 93f8e7ce5e970b433272100bd8c17ef5
name: 93F8E7CE5E970B433272100BD8C17EF5.mlw
sha1: a07c29540f9fc36621bf5ccd4640d2dfccc8e7a4
sha256: c130f59d7df7ab0c09b26246c388f58316a12cb99a34c515de7c74a9a9c38ce2
sha512: 83eceaeb96852662a336b5e052e0c64fb5befd399362aa33bff4f3e3f989d12eb35f7fd43c7e17910a98315b096533c29db8a5b2f91407517f2bd60292f2e4a0
ssdeep: 24576:5nauk8Dd6NjD7g2X7KZmpQxWb8375LYNP9h/ofZywCTSk4GQJxkT7:5aDk6NjDv7KuA75LY5/ofZo9
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion:
CompanyName: LeeLu Soft
Comments: This installation was built with Inno Setup.
ProductName: Order in my Folder
ProductVersion: 1.3
FileDescription: Order in my Folder Setup
Translation: 0x0000 0x04b0

Downloader.Win32.AdLoad.pwan also known as:

K7AntiVirus: Trojan ( 00494e041 )
Cylance: Unsafe
Zillya: Downloader.Adload.Win32.18281
K7GW: Trojan ( 00494e041 )
ESET-NOD32: Win32/DownWare.W potentially unwanted
GData: Win32.Application.Downware.N
Kaspersky: not-a-virus:Downloader.Win32.AdLoad.pwan
Sophos: Generic PUA KA (PUA)
VIPRE: Trojan.Win32.Generic!BT
Jiangmin: AdWare.NSIS.biy
ZoneAlarm: not-a-virus:Downloader.Win32.AdLoad.pwan
McAfee: Artemis!93F8E7CE5E97
MAX: malware (ai score=99)
VBA32: Downloader.AdLoad
MaxSecure: Trojan.Malware.9964028.susgen
Fortinet: Riskware/Downware
AVG: FileRepMetagen [Malware]
Paloalto: generic.ml
Qihoo-360: Win32/Virus.Downloader.c4a

How to remove Downloader.Win32.AdLoad.pwan?

Downloader.Win32.AdLoad.pwan removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
