What is “Trojan-Downloader.Win32.Adload.tidg”?

The Trojan-Downloader.Win32.Adload.tidg is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Downloader.Win32.Adload.tidg virus can do?

The binary likely contains encrypted or compressed data.
Anomalous binary characteristics

How to determine Trojan-Downloader.Win32.Adload.tidg?


File Info:
crc32: 073FB7D0
md5: 9ce8e2043ccfe9dfe4d939ee794e02ce
name: 9CE8E2043CCFE9DFE4D939EE794E02CE.mlw
sha1: 89f39c5841b9758ad3fe671f1ea98f1baa99c76a
sha256: 8265f112fedf98ac8ce2cfaf88ba70f829cdfbc2158614b9fca73769f4a5df7c
sha512: 383fdeede835b1347bcebd09d77276cefff69fe8e14b8bc1738ed610753b810e4e58fcfeb8a25a14145455dedca7c53d7370b8d2d10e346b8fccbd5997dd4499
ssdeep: 98304:U8KLoS2w5hXjLKTSX+7p8Al17bfWyd4bhCndqQsFtyAyg:W0SdXje7p7a5VQsFyg
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: (c) Puran Software.  All rights reserved.
InternalName: Puran File Recovery.exe
FileVersion: 1.2.0.0
CompanyName: Puran Software
ProductName: Puran File Recovery
ProductVersion: 1.2.0.0
FileDescription: Puran File Recovery
OriginalFilename: Puran File Recovery.exe
Translation: 0x0000 0x04e4

Trojan-Downloader.Win32.Adload.tidg also known as:

K7AntiVirus	Trojan ( 00580bdb1 )
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
ALYac	Trojan.GenericKDZ.79538
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_60% (D)
Alibaba	AdWare:Win32/AdLoad.a95251e2
K7GW	Trojan ( 00580bdb1 )
Cybereason	malicious.841b97
Cyren	W32/Kryptik.FQU.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.HLPA
Zoner	Probably Heur.ExeHeaderH
APEX	Malicious
Avast	Win32:TrojanX-gen [Trj]
Kaspersky	Trojan-Downloader.Win32.Adload.tidg
BitDefender	Trojan.GenericKDZ.79538
ViRobot	Trojan.Win32.Z.Kryptik.4809727
MicroWorld-eScan	Trojan.GenericKDZ.79538
Ad-Aware	Trojan.GenericKDZ.79538
Sophos	Mal/Generic-S
BitDefenderTheta	Gen:NN.ZexaF.34266.@B0@aaDbM8bi
TrendMicro	TROJ_GEN.R02DC0WK321
McAfee-GW-Edition	BehavesLike.Win32.Generic.rh
FireEye	Generic.mg.9ce8e2043ccfe9df
Emsisoft	Trojan.GenericKDZ.79538 (B)
SentinelOne	Static AI – Malicious PE
Avira	TR/Crypt.Agent.yuago
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm	Trojan-Downloader.Win32.Adload.tidg
GData	Win32.Trojan.PSE.15ERSJ3
AhnLab-V3	Trojan/Win.Generic.R448158
McAfee	GenericRXQO-PE!9CE8E2043CCF
MAX	malware (ai score=89)
VBA32	BScope.TrojanDownloader.Adload
Malwarebytes	Adware.DownloadAssistant
Panda	Generic Suspicious
TrendMicro-HouseCall	TROJ_GEN.R02DC0WK321
Ikarus	Trojan.Win32.Crypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Riskware/Kryptik
AVG	Win32:TrojanX-gen [Trj]
Paloalto	generic.ml

How to remove Trojan-Downloader.Win32.Adload.tidg?

Trojan-Downloader.Win32.Adload.tidg removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X