About “Trojan-Downloader.Win32.Adload.swmq” infection

Trojan-Downloader.Win32.Adload.swmq is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.Adload.swmq virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Network activity detected but not expressed in API logs
  • Likely virus infection of existing system binary

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Trojan-Downloader.Win32.Adload.swmq?


File Info:

crc32: C10AFF84
md5: 223c68a08b86a536675838b64cb3665d
name: 223C68A08B86A536675838B64CB3665D.mlw
sha1: 59189d8860b454050220171c7eff55ef1e3c92e2
sha256: 379d4f73173f9a1e561c8ce0ced6b11ccd3fa4460d7b7036d94d06770624125c
sha512: 7d783f1cef0750e2870997349785271504284f475618a7dfc71805391f1544d3d0888982d79f4f68c1a143d8a82252656eddd8e0b452d53a091c2655e09b104d
ssdeep: 196608:WtvukIe+y2rZwL/O8ymewELa0StRWB2q+qmt0Z8:Bne+nZwrCm1EvStsB2qq
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion: 13.0.0.5
CompanyName: Ontrack
Comments: This installation was built with Inno Setup.
ProductName: Ontrack EasyRecovery
ProductVersion: 13.0.0.5
FileDescription: Ontrack EasyRecovery Setup
OriginalFileName:
Translation: 0x0000 0x04b0

Trojan-Downloader.Win32.Adload.swmq also known as:

K7AntiVirus: Riskware ( 0040eff71 )
ClamAV: Win.Malware.Chrop-9908991-0
CAT-QuickHeal: Trojan.Riskware
Cylance: Unsafe
Sangfor: Trojan.Win32.Adload.swmq
CrowdStrike: win/malicious_confidence_60% (D)
K7GW: Riskware ( 0040eff71 )
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Downloader.Win32.Adload.swmq
Alibaba: AdWare:Win32/AdLoad.f2bb9bc0
Tencent: Win32.Trojan-downloader.Adload.Hnuy
Sophos: Mal/Generic-S
McAfee-GW-Edition: BehavesLike.Win32.CSDImonetize.wc
Webroot: W32.Malware.Gen
Avira: HEUR/AGEN.1144742
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: Trojan:Win32/Wacatac.A!ml
GData: Win32.Trojan.BSE.18VTQ3K
AhnLab-V3: Trojan/Win.Generic.C4650481
McAfee: Artemis!223C68A08B86
VBA32: Trojan.Sabsik.TE
Malwarebytes: Adware.DownloadAssistant
TrendMicro-HouseCall: TROJ_GEN.R011H07JI21
Paloalto: generic.ml

How to remove Trojan-Downloader.Win32.Adload.swmq?

Trojan-Downloader.Win32.Adload.swmq removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
