Misleading:Win32/Softeallion removal tips

Misleading:Win32/Softeallion is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Misleading:Win32/Softeallion virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Collects information to fingerprint the system

Related domains:

ext.wisetuner.com
show.wisetuner.com
api.drivertuner.com

How to identify Misleading:Win32/Softeallion?


File Info:

crc32: 83892550
md5: d9cc90ac7c83d9931abd7b9e2579b22d
name: windows_drivers_download_utility_setup.exe
sha1: fac8c8e19b96b367151cebc47df40e0734f9ad99
sha256: 5a0689a96e92db9319da38b3cfb8ae9c0c78d2eaf70c06d78855fa6fbbfbf931
sha512: 3d0cded5191a93a2aff6df26700a7276654dbca7ff27daba3b3d36c9009ed5aa8124ef36efa81e63b774190905f3af596c3b8f7ef62511f6aafa36f8d2bb6f4a
ssdeep: 49152:MqenMqDc1fedBh5+D2OGfwaPQvTIEqgVSRu71f3sA7JPYvLli7RJgh:RXdenhEDYf5YvTDq6vl3sAl6i7Rqh
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion:
CompanyName: LionSea Software
Comments: This installation was built with Inno Setup.
ProductName: Windows Drivers Download Utility
ProductVersion: 3.3.2
FileDescription: Windows Drivers Download Utility Setup
Translation: 0x0000 0x04b0

Misleading:Win32/Softeallion is also known as:

Bkav: W32.HfsAdware.77D9
DrWeb: Program.Unwanted.79
MicroWorld-eScan: Application.Deceptor.ZV
McAfee: Artemis!D9CC90AC7C83
Cylance: Unsafe
K7AntiVirus: Riskware ( dec002b41 )
BitDefender: Application.Deceptor.ZV
K7GW: Riskware ( dec002b41 )
Arcabit: Application.Deceptor.ZV
TrendMicro: PUA.Win32.LionSea.A
ESET-NOD32: a variant of Win32/UwS.DriverTuner.A
Kaspersky: Hoax.Win32.DeceptPCClean.cyi
Emsisoft: Application.Deceptor.ZV (B)
Comodo: Malware@#5chak8zzvsdt
McAfee-GW-Edition: Artemis!PUP
Fortinet: W32/LionSea_Software.A
FireEye: Application.Deceptor.ZV
Sophos: LionSea Software (PUA)
Webroot: W32.Deceptor.Lionsea
Avira: PUA/DriverTuner.A
Microsoft: Misleading:Win32/Softeallion
ZoneAlarm: Hoax.Win32.DeceptPCClean.cyi
Panda: PUP/PCFixSpeed
TrendMicro-HouseCall: PUA.Win32.LionSea.A
GData: Win32.Application.SpeedyOpt.A
AVG: Win32:PUP-gen [PUP]
Avast: Win32:PUP-gen [PUP]

How to remove Misleading:Win32/Softeallion?

Misleading:Win32/Softeallion removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
