Adware

About “Win32/Adware.Neoreklami.LM” infection

Malware Removal

The Win32/Adware.Neoreklami.LM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What Win32/Adware.Neoreklami.LM virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to determine Win32/Adware.Neoreklami.LM?


File Info:

name: 56120C2AB2700A9DA06C.mlw
path: /opt/CAPEv2/storage/binaries/48d08de8bb559d955aaafb346aebaa2dd5abded203769bfba83350b817c66d65
crc32: 53910EEB
md5: 56120c2ab2700a9da06c3a91aed94273
sha1: 26c2fc4852e0b127cf6e676c491c6a7bc50dc4a0
sha256: 48d08de8bb559d955aaafb346aebaa2dd5abded203769bfba83350b817c66d65
sha512: 4f80decc0f19002de2025d88f9489b07e4196a7a0280f805e65173d6a0a10a6745d9f888c4a1feec4de4d38837d04b26659caa3430c379663e6a04c684ee6bc6
ssdeep: 196608:L6s7U3XVZIL+41KbFl+IHQ8SFFqoao4h:LQny+41K5UIw88FTw
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E066011EB353F02AC8E12175336859A914A13EB0956448E7BBC4BF187AF05FAD536B33
sha3_384: 20c8e0a2496ef6e11f5045eec95c1b5aff6433bf3a046a8c4ff6fcd454d8658cabbfe825594dcfcb8374f13d97e84299
ep_bytes: e878410000e97ffeffffcccccccccccc
timestamp: 2018-06-03 05:14:26

Version Info:

0: [No Data]

Win32/Adware.Neoreklami.LM also known as:

BkavW32.AIDetect.malware2
LionicRiskware.Win32.Neoreklami.1!c
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.Zusy.353893
FireEyeGeneric.mg.56120c2ab2700a9d
CAT-QuickHealPUA.NeoreklamiPMF.S20253699
ALYacGen:Variant.Zusy.353893
CylanceUnsafe
ZillyaAdware.Neoreklami.Win32.24414
SangforTrojan.Win32.Save.a
K7AntiVirusAdware ( 00567c001 )
AlibabaAdWare:Win32/Neoreklami.da9420e5
K7GWAdware ( 00567c001 )
Cybereasonmalicious.ab2700
CyrenW32/Neoreklami.C.gen!Eldorado
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Adware.Neoreklami.LM
APEXMalicious
Paloaltogeneric.ml
KasperskyHEUR:Trojan-Dropper.Win32.Agent.vho
BitDefenderGen:Variant.Zusy.353893
NANO-AntivirusTrojan.Win32.BPlug.iunutk
AvastWin32:Adware-gen [Adw]
TencentWin32.Trojan-dropper.Agent.Stkc
Ad-AwareGen:Variant.Zusy.353893
SophosTroj/Agent-BGAJ
DrWebTrojan.BPlug.3870
VIPRETrojan.Win32.Generic!BT
McAfee-GW-EditionBehavesLike.Win32.Generic.vc
EmsisoftGen:Variant.Zusy.353893 (B)
IkarusPUA.Neoreklami
GDataGen:Variant.Zusy.353893
JiangminTrojanDropper.Agent.gmrg
AviraADWARE/Neoreklami.sohau
Antiy-AVLTrojan/Generic.ASMalwS.32A66C0
MicrosoftTrojan:Win32/Wacatac.A!ml
CynetMalicious (score: 100)
AhnLab-V3Malware/Win32.Generic.R372471
McAfeeGenericRXOK-DP!56120C2AB270
MAXmalware (ai score=80)
VBA32TrojanDropper.Agent
MalwarebytesAdware.Neoreklami
RisingTrojan.Generic@ML.100 (RDML:BctA+SmfYh+iWrd1GQWI7Q)
YandexPUA.Neoreklami!hMtzebEUayo
SentinelOneStatic AI – Malicious PE
eGambitUnsafe.AI_Score_100%
FortinetAdware/Neoreklami.KR
BitDefenderThetaGen:NN.ZexaE.34062.@tW@aKU2hFn
AVGWin32:Adware-gen [Adw]
PandaTrj/GdSda.A
MaxSecureTrojan.Malware.74459655.susgen

How to remove Win32/Adware.Neoreklami.LM?

Win32/Adware.Neoreklami.LM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment