LodaRAT is a Trojan horse virus that can infect computers without being detected. Once inside the system, LodaRAT can run malicious processes such as espionage, theft of data, and insertion of other viruses.


Various antivirus scanners detect the LodaRAT malware

What is typical for most Trojan threats is that after they have found their way inside a computer, they usually hide their traces so that they can stay concealed for as long as possible. That’s why the fact that there are no visible symptoms in your system doesn’t mean that you are not infected with LodaRAT. This new Trojan-based virus is a very stealthy tool that hackers can use for numerous malicious activities. Fortunately, on this page, you will find our specially created removal guide which explains how to detect and remove LodaRAT, as well as a professional removal program for automatic assistance and a full system check. If you have not dealt with Trojans before, we advise you to carefully follow the steps in the guide and use the professional program to effectively remove all the malicious files related to the infection. The reason is that Trojans can often camouflage as regular system files and if you don’t know how to correctly identify them, you may delete some vital OS files and end up corrupting your computer rather than deleting the malware.

The speed at which you eliminate the virus is also important because the longer it remains in the system, the greater the chance of it performing different malicious tasks in its background. Everything from theft of files and confidential information, system changes, exploitation of system resources and even spying on the victims can be expected from a threat like LodaRAT and Wup. Such an infection can be used to provide its criminal creators with remote access to the infected computer and allow them to manipulate the entire system any way they want. The crooks can watch you through your web camera, listen to your conversations and keep records of your online and offline activities. They can even record your keystrokes and this way reveal your passwords and login credentials, as well as other sensitive data such as your credit and debit card numbers, pin codes, and banking accounts. Such details, once in the hands of people with malicious intentions, can be misused in a number of ways.

For instance, you can become a victim of identity fraud, the crooks can empty your bank accounts, hijack your social network profiles, and even blackmail you with some sensitive images, videos or conversations they have gained access to thanks to the Trojan. Another possible usage of infections like LodaRAT is for the distribution of other threats. In many instances, the Trojan acts as a backdoor to ransomware and spyware and detects vulnerabilities that other viruses can exploit in order to sneak in the system without being detected.

That’s why it is very important to detect and remove LodaRAT as soon as possible so that you prevent it from inviting other malicious programs inside your system. The best and the quickest way to deal with the Trojan is to use a professional removal program, but the manual removal method is also an option if you know exactly what you have to remove. For instructions, please check the guide below or simply scan your device with the LodaRAT removal tool and eliminate the threat at once.


Name LodaRAT
Type Trojan
Danger Level High (Trojans are often used as a backdoor for Ransomware)
Symptoms Trojans typically run without showing visible symptoms but sometimes they may cause system errors, crashes and consume unusually high CPU and RAM resources.
Distribution Method Users may get infected with Trojans if they click on spam messages, malicious email attachments, fake ads, misleading links, illegal websites and more.
Detection Tool

anti-malware offerOFFER *Read more details in the first ad on this page, EULA, Privacy Policy, and full terms for Free Remover.

Remove LodaRAT Malware

If you are looking for a way to remove LodaRAT you can try this:

  1. Click on the Start button in the bottom left corner of your Windows OS.
  2. Go to Control Panel -> Programs and Features -> Uninstall a Program.
  3. Search for LodaRAT and any other unfamiliar programs.
  4. Uninstall LodaRAT as well as other suspicious programs.

Note that this might not get rid of LodaRAT completely. For more detailed removal instructions follow the guide below.

If you have a Windows virus, continue with the guide below.

If you have a Mac virus, please use our How to remove Ads on Mac guide.

If you have an Android virus, please use our Android Malware Removal guide.

If you have an iPhone virus, please use our iPhone Virus Removal guide


Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).



Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous.


Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Drag and Drop File Here To Scan
Drag and Drop File Here To Scan
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.

    After you open their folder, end the processes that are infected, then delete their folders.

    Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections.


    Hold together the Start Key and R. Type appwiz.cpl –> OK.


    You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:



    Type msconfig in the search field and hit enter. A window will pop-up:


    Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.

    • Remember this step – if you have reason to believe a bigger threat (like ransomware) is on your PC, check everything here.

    Hold the Start Key and R copy + paste the following and click OK:

    notepad %windir%/system32/Drivers/etc/hosts

    A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

    hosts_opt (1)

    If there are suspicious IPs below “Localhost” – write to us in the comments.


    Type Regedit in the windows search field and press Enter.

    Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:

    • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
      HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
      HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

    If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


    About the author


    Lidia Howler

    Lidia is a web content creator with years of experience in the cyber-security sector. She helps readers with articles on malware removal and online security. Her strive for simplicity and well-researched information provides users with easy-to-follow It-related tips and step-by-step tutorials.

    Leave a Comment

    We are here to help! Use SpyHunter to remove malware in under 15 minutes.

    Not Your OS? Download for Windows® and Mac®.

    * See Free Trial offer details and alternative Free offer here.

    ** SpyHunter Pro receives additional removal definitions and manual fixes through its HelpDesk in cases where they are needed.

    Spyware Helpdesk 1