Loadblanks.ru Removal Guide

Threat Level:
Rate this Article:
Comments (0)
Article Views: 1128
Category: Browser Hijackers

Loadblanks.ru is really bad news, because if it ever enters your computer successfully, redirections to third-party websites will start taking place each time you open your web browser (it is compatible with Internet Explorer, Google Chrome, and Mozilla Firefox). These automatic redirections are happening because this computer infection has modified the shortcuts of all browsers installed on computers it infiltrates. More specifically, a new Target line (e.g. %Homedrive%:\Users\{username}\AppData\Roaming\Browsers\exe.xoferif.bat) pointing to batch files (they are located in the Browsers folder in %APPDATA%) belonging to the Loadblanks.ru browser hijacker, is set. As can be seen, this threat differs from ordinary browser hijackers which only set a new URL as a homepage and default search engine on web browsers to a great extent. Unfortunately, this also means that it will be several times harder to get rid of Loadblanks.ru. Victims of this browser hijacker will stop irritating redirections to pages with advertisements only if they fix shortcuts of their web browsers and delete all files dropped by this threat on their computers. We are sure you will know how to delete this computer infection after reading this article from beginning to end.

Since redirections to other web pages happen immediately after a web browser is opened, users might not even see the Loadblanks.ru URL. After analyzing the files exe.emorhc.bat, exe.erolpxei.bat, and exe.xoferif.bat (they are all located in the %APPDATA%\Browsers) that the files browsers’ shortcuts point to, it has become clear that they contain obfuscated commands. These commands open browsers with specific pages. Most probably, you will be redirected from Loadblanks.ru to http://ic.loadblanks.ru/c/02037a282dd7fbaf? and then straight to other third-party websites. These pages will contain the commercial content in different formats. On top of that, users might be offered to take surveys or enter their emails for a chance to win some kind of item on a pop-up. Actually, clicking on provided ads and entering emails or other information on third-party websites is not recommended. These websites opened by the Loadblanks.ru browser hijacker might contain malicious advertisements too, which might install malware on the computer or redirect further to pages administered by cyber criminals. As for the entering information, do not do that too because it might end up in the hands of bad people, for example, users who enter their emails on third-party websites might start receiving all kinds of spam emails. Remember, a bunch of extremely dangerous malware is spread via spam, so the lesser spam emails you receive, the better.

The Loadblanks.ru browser hijacker shares similarities with another computer infection Pesonal-spage.com (you can read about it on our website), so it is not surprising that it is distributed the same, i.e. it also comes bundled. Specialists working at 411-spyware.com suspect that this browser hijacker might be one of several items in a software bundle. It is very common of browser hijackers to travel together with freeware, but, of course, they might pair with other untrustworthy applications too. Because of this reason, you should not forget to check the insides of your system after removing the Loadblanks.ru browser hijacker. All other malicious components and untrustworthy software need to be erased too because it is a question of time when dangerous and extremely annoying infections appear on the computer again with their help.

As you already know, Loadblanks.ru usually travels in software bundles, which explains why so many users know nothing about its entrance. After the successful installation, it hijacks all shortcuts belonging to web browsers, as you already know. In addition, it places a folder (Browsers) with batch files in %APPDATA%. In order to delete this infection from the computer, all browsers’ shortcuts need to be fixed or deleted and then created again. On top of that, the folder Browsers with all files needs to be deleted. Busy people can leave this job to an automatic malware remover, e.g. SpyHunter. Of course, this removal method is, undoubtedly, easier and quicker if compared to the manual one, but you should know that it will not be that hard to get rid of this infection in a manual way too with our manual removal instructions (find them below this article).

Delete Loadblanks.ru

  1. Open the Windows Explorer by pressing the Windows key + E on your keyboard.
  2. Open %APPDATA% (you should copy and then paste this directory in the bar at the top).
  3. Locate the Browsers folder and delete it.
  4. Delete hijacked web browsers’ shortcuts from the following directories (right-click on a shortcut, open the Shortcut tab, and check the Target line to find out whether or not it has been modified):
  • %ALLUSERSPROFILE%\Start Menu\Programs
  • %APPDATA%\Microsoft\Windows\Start Menu\Programs
  • %USERPROFILE%\Microsoft\Windows\Start Menu\Programs
  • %ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs
  • %ALLUSERSPROFILE%\Application Data\Microsoft\Windows\Start Menu\Programs
  • %USERPROFILE%\Desktop
  1. Right-click inside a folder a shortcut has been deleted from, select New, and click Shortcut.
  2. Let the Wizard help you create new shortcuts in those places you have removed hijacked shortcuts from.
Download Remover for Loadblanks.ru *
*SpyHunter scanner, published on this site, is intended to be used only as a detection tool. To use the removal functionality, you will need to purchase the full version of SpyHunter.


Your email address will not be published.


Enter the numbers in the box to the right *