Mal/FakeAV-UI removal tips

Many security experts consider Mal/FakeAV-UI dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Mal/FakeAV-UI virus do?

  • Sample contains Overlay data
  • Unconventional language used in binary resources: Turkish
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Mal/FakeAV-UI?


File Info:

name: 8B4CFECBECD95C808745.mlw
path: /opt/CAPEv2/storage/binaries/fe086759a0e5905e3972c79c81b3abf0d6aaa495c304f02b17b7078fdb08394d
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2011-10-02 06:40:09

Version Info:

CompanyName: BitMefender S.R.L.
FileDescription: BitMefender Antivirus Scanner
FileVersion: 13,0,21,1
InternalName: GUIScanner
LegalCopyright: Copyright (C) 2010
OriginalFilename: uiscan.exe
ProductName: BitMefender 2016
ProductVersion: 13,0,18,344
Translation: 0x0409 0x04b0

Mal/FakeAV-UI also known as:

Bkav: W32.AIDetectMalware
DrWeb: Trojan.DownLoader9.8340
MicroWorld-eScan: Gen:Variant.Lazy.347141
ClamAV: Win.Trojan.Yakes-1870
FireEye: Generic.mg.8b4cfecbecd95c80
McAfee: PWSZbot-FOY!8B4CFECBECD9
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 005a60f61 )
K7GW: Trojan ( 005a60f61 )
CrowdStrike: win/malicious_confidence_100% (D)
BitDefenderTheta: Gen:NN.ZexaF.36250.ny1@a8bh1QgO
VirIT: Trojan.Win32.Generic.BDPN
Cyren: W32/Zbot.OQ.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik_AGen.BRI
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Lazy.347141
SUPERAntiSpyware: Trojan.Agent/Gen-Falcomp
Avast: Win32:Mystic
Tencent: Trojan.Win32.Zbot.c
Emsisoft: Gen:Variant.Lazy.347141 (B)
F-Secure: Trojan.TR/Crypt.ZPACK.Gen9
Baidu: Win32.Trojan.Kryptik.ej
VIPRE: Gen:Variant.Lazy.347141
TrendMicro: TSPY_ZBOT.SM3R
McAfee-GW-Edition: BehavesLike.Win32.Generic.dc
Trapmine: malicious.high.ml.score
Sophos: Mal/FakeAV-UI
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Lazy.347141
Avira: TR/Crypt.ZPACK.Gen9
MAX: malware (ai score=88)
Antiy-AVL: Trojan/Win32.Yakes
Arcabit: Trojan.Lazy.D54C05
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Google: Detected
AhnLab-V3: Trojan/Win.Yakes.R582244
ALYac: Gen:Variant.Lazy.347141
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TSPY_ZBOT.SM3R
Rising: Spyware.Zbot!1.A1BA (CLASSIC)
Ikarus: Trojan.Win32.Crypt
MaxSecure: Trojan.Yakes.dwzw
Fortinet: W32/Wacatac.B!tr
AVG: Win32:Mystic
Cybereason: malicious.becd95
DeepInstinct: MALICIOUS

How to remove Mal/FakeAV-UI?

Mal/FakeAV-UI removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
