imloader.exe

When I scanned with a-squared last night, it says it found 1 Malware:

Filename: c:\WINDOWS\Downloaded Program Files\imloader.exe

Diagnosis: not-a-virus:RiskWare.Downloader.ImLoader.b




I don't know for sure but I believe it has something to do with my
Incredimail,which is installed but haven't used it for a few months.
I also notice a few times a week it "seems" to install something,
I see in my Start - All Programs a message-bubble that a new program has been
installed, and Incredimail is highlighted !

So, I wonder if this imloader.exe is something to worry about or may be just
a false alert ?

Also, the a2 doesn't give you the option to put in some kind of quarantine, like
for example an anti-virus would have.
Only "delete".

I did not want to delete before I know for sure I won't break something.


Can someone help me with this please ?


P.S. I know I can always ask the boards over at a-squared, but wanted to try here first.

 

Hey there Mr.P.

Thank's a bunch....you bet it helps!
It looks like this 'imloader' isn't considered a pest afterall. It's odd though that
a2 picked it up as a malware.

Hmm..maybe it's because, on the other site you gave me it looks like a big pain to get rid of Incredimail.
Oooh how I am looking forward to uninstall. And having to tinker into the deep......

I still don't know if I should just go ahead and delete it or leave. I have some messages to save still before uninstalling Incredimail........

 

Actually A2 didn't pick it up as malware, it picked it up as 'Riskware', which is something that may be completely legitimate but poses a risk (albeit very small) because it could be misused in a harmful way by genuine malware.

This all came about with the recent big increase in A2's sig base. They decided to include riskware, and this has caught out a lot of people - including myself!

The general rule is don't delete these items as the finding is just to advise you of a theoretical threat (they are described as being NOT a virus!). Naturaly if you no longer need the program to which it relates you would delete the risk; otherwise just ignore it.

 

Hello Nat,

When you're finally ready to uninstall IncrediMail, you can avoid the popup you'll encounter in add/remove by first booting
into safe mode. Once there you can either press Ctrl+Alt+Delete or right-click the taskbar to bring up the Taskmanager.
Here is where you want to "kill" the IncrediMail process....incredimail.exe or similar. You need to take care of this first
because of IncrediMail's self-loading, run in the background nature.

While still in safe mode, goto Start - All Programs - IncrediMail - UnInstall.

Then type - regedit - into a run box and follow steps 1-3 "ONLY" on this page.

After doing the above, navigate with Windows Explorer to....
C:\Program Files and DELETE the "IncrediMail" folder and sub folders.

Reboot normally and IncrediMail should be GONE !

There may be a final step if Windows Explorer cannot delete the IncrediMail folder.....so I will wait to hear, OK.

Note : Information, courtesy....."Hunter" at Gladiator Security.


Best,
GF

 

Lol, Topper. When my brain sees 'Malware, Riskware & co' I connect it to 'danger'.

Anyways, your input is much appreciated and I believe what you say.
As a matter of fact during the scan it said in red color Malware found....

Then at the diagnosis it said: not-a-virus: RISKWARE.
Well..I didn't know better.

I will do as you say, just ignore it and when I'm ready to uninstall Incredimail,
this imloader.exe will "go" too.

 

Thank you GF, again a very comprehensive description and explanation on "how to..."
Looks like alot of work though, oh my....
So I suppose it isn't finished by just go to ADD/Delete folder and done with it. Hmm?

I will try all you said.

 

Nat, you're right, it does put the wind up you by displaying "1 Malware found" in red during the scan only to decide it was only riskware afterwards!

If you venture over to the A2 Forum you will discover that a couple of us have been caught by this. Apparently the A2 people are going to clarify things in future versions by including a definition of riskware.

It is not just A2 that does this sort of thing, KAV with extended data bases, also finds riskware (and deletes it for you if you are not careful!). But, as has been said, it's much better to have an app with extensive 'finding' powers than one that just misses everything!

 

Ha! Someone on A2 forum just confirmed too that it is 'harmless'.

Well..this is good to know, isn't it.

It's just confusing...but Topper...I understand what you're saying.