About “Win32/Adware.Neoreklami.LY” infection

Win32/Adware.Neoreklami.LY is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/Adware.Neoreklami.LY virus do?

  • Performs HTTP requests potentially not found in PCAP.
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to identify Win32/Adware.Neoreklami.LY?


File Info:

name: 1B2F08BB649949DD53D5.mlw
path: /opt/CAPEv2/storage/binaries/3f07ae36a0e4c77d58c791adb04f34bd9a07d8570d85ef9a2d7b7aad467cc2f0
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
timestamp: 2020-07-31 05:59:14

Version Info:

0: [No Data]

Win32/Adware.Neoreklami.LY also known as:

Vendor          Detection name
Bkav            W32.AIDetectMalware
Lionic          Adware.Win32.Neoreklami.2!c
Elastic         malicious (high confidence)
Cynet           Malicious (score: 100)
FireEye         Generic.mg.1b2f08bb649949dd
Skyhigh         BehavesLike.Win32.Generic.gh
McAfee          Artemis!1B2F08BB6499
Zillya          Adware.Neoreklami.Win32.35538
Sangfor         Trojan.Win32.Save.a
Alibaba         AdWare:Win32/Neoreklami.8701adb8
CrowdStrike     win/grayware_confidence_100% (W)
Symantec        ML.Attribute.HighConfidence
ESET-NOD32      a variant of Win32/Adware.Neoreklami.LY
APEX            Malicious
Kaspersky       not-a-virus:HEUR:AdWare.Win32.Neoreklami.pef
Avast           Win32:Adware-gen [Adw]
Tencent         Malware.Win32.Gencirc.13b39817
Sophos          Generic Reputation PUA (PUA)
F-Secure        Heuristic.HEUR/AGEN.1364608
SentinelOne     Static AI – Suspicious PE
Avira           HEUR/AGEN.1364608
Antiy-AVL       GrayWare[AdWare]/Win32.Neoreklami
ZoneAlarm       not-a-virus:HEUR:AdWare.Win32.Neoreklami.pef
Malwarebytes    Generic.Adware.Agent.DDS
Panda           Trj/Genetic.gen
Rising          Trojan.Generic@AI.90 (RDML:J8KOyxXDmdVqX5IcND4D6w)
Ikarus          PUA.Neoreklami
MaxSecure       Trojan.Malware.74707761.susgen
Fortinet        Adware/Neoreklami
AVG             Win32:Adware-gen [Adw]
DeepInstinct    MALICIOUS

How to remove Win32/Adware.Neoreklami.LY?

Win32/Adware.Neoreklami.LY removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
