Win32/Adware.ELEX.SO malicious file

Win32/Adware.ELEX.SO is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/Adware.ELEX.SO virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Win32/Adware.ELEX.SO?


File Info:

name: E6DAD42CC913A2FBC007.mlw
path: /opt/CAPEv2/storage/binaries/2afaf33a5922f37b266ee311d0287d5129c8af1e17593dfc4fe6995c994f83b7
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2017-04-19 04:17:24

Version Info:

Comments:
LegalCopyright: License: MPL 2
CompanyName: Mozilla Foundation
FileDescription:
FileVersion: 52.0
ProductVersion: 52.0
InternalName:
LegalTrademarks: Mozilla
OriginalFilename: crashreporter.exe
ProductName: Firefox
BuildID: 20170419095524
Translation: 0x0000 0x04b0

Win32/Adware.ELEX.SO also known as:

Lionic: Adware.Win32.FireBall.2!c
Cynet: Malicious (score: 99)
FireEye: Trojan.GenericKDZ.79385
CAT-QuickHeal: Trojan.IGENERIC
Zillya: Adware.FireBall.Win32.70
Sangfor: PUP.Win32.Johnnie.199266
Alibaba: AdWare:Win32/FireBall.cc0d6fdc
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/Adware.ELEX.SO.gen
Kaspersky: not-a-virus:HEUR:AdWare.Win32.FireBall.gen
BitDefender: Trojan.GenericKDZ.79385
MicroWorld-eScan: Trojan.GenericKDZ.79385
Tencent: Malware.Win32.Gencirc.10b7d8e7
Ad-Aware: Trojan.GenericKDZ.79385
Emsisoft: Trojan.GenericKDZ.79385 (B)
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0WKL21
Sophos: Generic PUA HJ (PUA)
GData: Trojan.GenericKDZ.79385
Jiangmin: AdWare.FireBall.n
Webroot: W32.Adware.Gen
Avira: ADWARE/Elex.gzscl
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Arcabit: Trojan.Generic.D13619
Microsoft: Trojan:Win32/Ditertag.A
ALYac: Trojan.GenericKDZ.79385
MAX: malware (ai score=88)
VBA32: Adware.FireBall
Malwarebytes: Adware.Elex
TrendMicro-HouseCall: TROJ_GEN.R002C0WKL21
Yandex: Trojan.GenAsa!XnjQTgLEmFg
Fortinet: W32/ELEX.SO

How to remove Win32/Adware.ELEX.SO?

Win32/Adware.ELEX.SO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
