Trojan.FakeAlert.DBZ removal

Trojan.FakeAlert.DBZ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.FakeAlert.DBZ virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Russian
  • Unconventional language used in binary resources: Russian
  • Authenticode signature is invalid
  • Steals private information from local Internet browsers
  • Exhibits behavior characteristic of Pony malware
  • Collects information about installed applications
  • Harvests cookies for information gathering
  • Harvests credentials from local FTP client software
  • Harvests information related to installed mail clients

How to identify Trojan.FakeAlert.DBZ?


File Info:

name: 075DE6D7E1A59D759D9D.mlw
path: /opt/CAPEv2/storage/binaries/eda0408467e938515705d0a42a0f57f39a3e9bef5756a0eb8d8f38b19c535b49
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-12-11 19:39:48

Version Info:

CompanyName: Корпорация Майкрософт
FileDescription: Мастер создания общих ресурсов
FileVersion: 5.1.2600.5512 (xpsp.080413-2108)
InternalName: SHRWIZ
LegalCopyright: © Корпорация Майкрософт. Все права защищены.
OriginalFilename: shrpubw.exe
ProductName: Операционная система Microsoft® Windows®
ProductVersion: 5.1.2600.5512
Translation: 0x0419 0x04b0

Trojan.FakeAlert.DBZ also known as:

Lionic: Trojan.Win32.Zbot.lGdW
Elastic: malicious (high confidence)
DrWeb: Trojan.Packed.23728
MicroWorld-eScan: Trojan.FakeAlert.DBZ
FireEye: Generic.mg.075de6d7e1a59d75
CAT-QuickHeal: TrojanPWS.Zbot.Gen
McAfee: PWS-Zbot.gen.aua
Cylance: Unsafe
Zillya: Trojan.Tepfer.Win32.23617
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0040f02a1 )
Alibaba: Trojan:Win32/Bulta.d2dd711d
K7GW: Trojan ( 0040d0431 )
Cybereason: malicious.7e1a59
BitDefenderTheta: Gen:NN.ZexaF.34212.lu2@ayVYP2ac
VirIT: Trojan.Win32.Agent.I
Cyren: W32/Zbot.GQ.gen!Eldorado
Symantec: Packed.Generic.406
ESET-NOD32: a variant of Win32/Kryptik.AQJX
TrendMicro-HouseCall: TSPY_ZBOT.SM18
Paloalto: generic.ml
ClamAV: Win.Malware.Zeus-9817624-1
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.FakeAlert.DBZ
NANO-Antivirus: Trojan.Win32.Crypted.beapqo
SUPERAntiSpyware: Trojan.Agent/Gen-Zbot
Avast: Win32:Agent-AQQL [Trj]
Tencent: Win32.Init.QQRob.cun
Ad-Aware: Trojan.FakeAlert.DBZ
Emsisoft: Trojan.FakeAlert.DBZ (B)
Comodo: TrojWare.Win32.PWS.ZBot.ASY@4sonv8
VIPRE: Trojan.Win32.Zbot.ak (v)
TrendMicro: TSPY_ZBOT.SM18
McAfee-GW-Edition: PWS-Zbot.gen.asq
Sophos: Mal/Generic-R + Troj/Zbot-DHN
Ikarus: Trojan-PWS.Win32.Zbot
GData: Trojan.FakeAlert.DBZ
Jiangmin: Trojan/Generic.aqyyy
Webroot: W32.Malware.Gen
Avira: TR/Crypt.XPACK.Gen7
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.1F0796
Kingsoft: Win32.Heur.KVM007.a.(kcloud)
Microsoft: PWS:Win32/Fareit
Cynet: Malicious (score: 100)
AhnLab-V3: Spyware/Win32.Zbot.R44064
Acronis: suspicious
VBA32: BScope.Trojan.Cloxer
ALYac: Trojan.FakeAlert.DBZ
APEX: Malicious
Rising: Spyware.Zbot!8.16B (TFE:dGZlOgO0KqrHMCKr/g)
Yandex: Trojan.Agent!OoDjt1X37Fo
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.5055900.susgen
Fortinet: W32/ZBOT.QT!tr
AVG: Win32:Agent-AQQL [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.FakeAlert.DBZ?

Trojan.FakeAlert.DBZ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
