Generic.FakeAV.D9CB11D5 removal tips

Generic.FakeAV.D9CB11D5 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Generic.FakeAV.D9CB11D5 virus do?

  • Sample contains Overlay data
  • Performs HTTP requests potentially not found in PCAP.
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Generic.FakeAV.D9CB11D5?

File Info:

name: 8CB4F30498ACE222E942.mlw
path: /opt/CAPEv2/storage/binaries/178d86291be341c950b6f22ab228f02a80e8aa8f2a4a8d4f9f2194d30da27145
crc32: CD1BBD1E
md5: 8cb4f30498ace222e9423b97739ea7bc
sha1: 265c50e43b6090d7064bbfd5a3cc996d6797a3c9
sha256: 178d86291be341c950b6f22ab228f02a80e8aa8f2a4a8d4f9f2194d30da27145
sha512: e43c5a3faa35a6b7d57819f2d62871c351f7c6d9c9e57ac3c3bfdd15e91965b84e2abd267a52b0171c7c90932c9d00ae90fb34f9ed742101e56852ba73ec00f4
ssdeep: 1536:S1WMOBlq3hkxFoTqWbE3KmxgJSfDgfBA+nouy8mEY5q3XG:wCBoRkiqWbEzg4DOBDoutmLI3XG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17253020798E1759DC04B193105DBEDBA0F71DF234A9182825EE8BDAFFC257E3B54818A
sha3_384: 6cf8bd94331ccae041944e4edcb43e49b8c8989c4668e22c4ab3937de0dddca79d7a3311faf743c032e6036e31a17901
ep_bytes: 60be00e041008dbe0030feff5789e58d
timestamp: 2009-01-26 07:17:44

Version Info:

0: [No Data]

Generic.FakeAV.D9CB11D5 also known as:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
DrWeb: Trojan.Fakealert.4368
MicroWorld-eScan: DeepScan:Generic.FakeAV.D9CB11D5
FireEye: Generic.mg.8cb4f30498ace222
Skyhigh: FakeAV-DZ
ALYac: DeepScan:Generic.FakeAV.D9CB11D5
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: DeepScan:Generic.FakeAV.D9CB11D5
Sangfor: Trojan.Win32.Save.a
BitDefender: DeepScan:Generic.FakeAV.D9CB11D5
Cybereason: malicious.43b609
BitDefenderTheta: AI:Packer.6960E3E520
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of Win32/Adware.WinWebSecurity
APEX: Malicious
ClamAV: Win.Trojan.Fraudload-2213
Kaspersky: Trojan-Downloader.Win32.FraudLoad.emv
Alibaba: TrojanDownloader:Win32/FraudLoad.6fe9fdad
NANO-Antivirus: Trojan.Win32.FraudLoad.jeus
Rising: Downloader.FraudLoad!8.7B2 (TFE:5:t6hkQEjpR8S)
Sophos: Mal/FakeAV-CZ
Google: Detected
F-Secure: Trojan.TR/Crypt.CFI.Gen
Zillya: Downloader.Delf.Win32.4647
TrendMicro: Mal_FakeAV-11
Trapmine: malicious.high.ml.score
Emsisoft: DeepScan:Generic.FakeAV.D9CB11D5 (B)
Ikarus: Trojan-Downloader.Win32.FraudLoad
Jiangmin: TrojanDownloader.FraudLoad.cuo
Webroot: W32.Rogue.Gen
Varist: W32/FakeAlert.AG.gen!Eldorado
Avira: TR/Crypt.CFI.Gen
Antiy-AVL: Trojan[Downloader]/Win32.FraudLoad
Kingsoft: Win32.Troj.Undef.a
Microsoft: Rogue:Win32/Winwebsec
Xcitium: ApplicUnsaf.Win32.FraudTool.SystemSecurity.~JHN@1nwdo8
Arcabit: DeepScan:Generic.FakeAV.D9CB11D5
ZoneAlarm: Trojan-Downloader.Win32.FraudLoad.emv
GData: DeepScan:Generic.FakeAV.D9CB11D5
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.FakeAV.R7501
VBA32: BScope.Trojan.Agent
MAX: malware (ai score=100)
DeepInstinct: MALICIOUS
Cylance: unsafe
Panda: Adware/TotalSecurity2009
TrendMicro-HouseCall: Mal_FakeAV-11
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.1133650.susgen
Fortinet: W32/FakeAlert.YYW!tr
AVG: Win32:Adware-gen [Adw]
Avast: Win32:Adware-gen [Adw]
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Generic.FakeAV.D9CB11D5?

Generic.FakeAV.D9CB11D5 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.