
Win32:FakeAV-ETD [Trj] removal


The Win32:FakeAV-ETD [Trj] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32:FakeAV-ETD [Trj] virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Attempts to stop active services
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Attempts to disable UAC
  • Attempts to modify or disable Security Center warnings
  • Attempts to modify UAC prompt behavior
  • Anomalous binary characteristics
  • Attempts to modify user notification settings

How to identify Win32:FakeAV-ETD [Trj]?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: All Rights reserved © 2005-2009
FileDescription: AVASetup Info
FileVersion:
Comments: This installation was built with Inno Setup.
CompanyName:
Translation: 0x0409 0x04e4

Win32:FakeAV-ETD [Trj] also known as:

Bkav: W32.Common.54BE14DF
K7AntiVirus: Trojan ( 0040f4e11 )
DrWeb: Trojan.Fakealert.37412
Cynet: Malicious (score: 99)
ALYac: Trojan.GenericKDZ.21540
Cylance: Unsafe
Zillya: Trojan.Blocker.Win32.8171
Sangfor: Trojan.Win32.AGEN.1018748
Alibaba: AdWare:Win32/SystemSecurity.979a1088
K7GW: Trojan ( 0040f4e11 )
Cybereason: malicious.38227b
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Adware.SystemSecurity.AL
APEX: Malicious
Avast: Win32:FakeAV-ETD [Trj]
ClamAV: Win.Trojan.Generickdz-9763206-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.GenericKDZ.21540
NANO-Antivirus: Trojan.Win32.Fakealert.eczeno
MicroWorld-eScan: Trojan.GenericKDZ.21540
Tencent: Win32.Trojan.Generic.Egem
Ad-Aware: Trojan.GenericKDZ.21540
Sophos: Generic ML PUA (PUA)
Comodo: TrojWare.Win32.FakeAV.ALM@4ykx3g
VIPRE: Trojan.Win32.Fakeav.qvsm (v)
TrendMicro: TROJ_RANSOM.SM04
McAfee-GW-Edition: Fake-SecTool!FBAC49338227
FireEye: Generic.mg.fbac49338227b464
Emsisoft: Trojan.GenericKDZ.21540 (B)
Webroot: W32.Obfuscated.Gen
Avira: HEUR/AGEN.1101523
eGambit: Unsafe.AI_Score_99%
Microsoft: Rogue:Win32/Winwebsec
AegisLab: Trojan.Win32.Generic.4!c
GData: Trojan.GenericKDZ.21540
AhnLab-V3: Trojan/Win32.FakeAV.R70710
McAfee: Fake-SecTool!FBAC49338227
MAX: malware (ai score=100)
VBA32: Malware-Cryptor.MTA
Malwarebytes: Malware.AI.1024959568
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_RANSOM.SM04
Rising: Trojan.Generic@ML.96 (RDML:y6BCWim0/XexFrUmzDO4Gg)
Yandex: Trojan.Blocker!WShdhLbLxSo
Ikarus: Trojan.Win32.FakeAV
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/FakeAV.AL
AVG: Win32:FakeAV-ETD [Trj]
Paloalto: generic.ml

How to remove Win32:FakeAV-ETD [Trj]?

Win32:FakeAV-ETD [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
