Tag Archives: FakeAV – MSE

Removed: 1.exe, 44166.js, hotfix.exe, jsdfgs.bat (FakeAV – MSE)

Malware: exe.exe Removed: C:\Documents and Settings\Administrator\Application Data\1.exe C:\Documents and Settings\Administrator\Application Data\44166.js – random filename C:\Documents and Settings\Administrator\Application Data\hotfix.exe C:\Documents and Settings\Administrator\Application Data\jsdfgs.bat —————————————————————————————————————————- Detected by UnHackMe: Item Name: shell Author: Unknown Related File: C:\Documents and Settings\Administrator\Application Data\hotfix.exe Type: User Shell Item Name: hotfix.exe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\HOTFIX.EXE Type: Running Processes Removal […]
More…

Removed: hotfix.exe, jsdfgs.bat, gilavof.dll, hejitav.exe (FakeAV – MSE)

Malware: qoql2uc.exe Removed: C:\Documents and Settings\Administrator\Application Data\hotfix.exe C:\Documents and Settings\Administrator\Application Data\jsdfgs.bat C:\WINDOWS\system32\gilavof.dll C:\WINDOWS\system32\hejitav.exe —————————————————————————————————————————- Related links: http://greatis.com/blog/how-to-remove-malware/hotfix-exe-fakeav-mse.htm http://greatis.com/blog/how-to-remove-malware/antispy-exe-at1-job-at24-job-fakeav-mse.htm http://greatis.com/blog/how-to-remove-malware/removed-antispy-exe-fakeav-pest-detector-aka-red-cross-antivirus-antispy-safeguard-peak-protection-2010-major-defense-kit.htm —————————————————————————————————————————- Detected by UnHackMe: Item Name: shell Author: Unknown Related File: C:\Documents and Settings\Administrator\Application Data\hotfix.exe Type: User Shell Item Name: AppInit_DLLs Author: Unknown Related File: C:\WINDOWS\system32\gilavof.dll Type: List of Injected DLLs Item Name: risosig Author: Unknown […]
More…

Removed: hotfix.exe (FakeAV – MSE)

Malware: exe.exe Removed: C:\Documents and Settings\Administrator\Application Data\hotfix.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: shell Author: Unknown Related File: C:\Documents and Settings\Administrator\Application Data\hotfix.exe Type: User Shell Item Name: hotfix.exe Author: SoftMosters AG Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\HOTFIX.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: […]
More…

Removed: antispy.exe, At1.job – At24.job (FakeAV – MSE)

Malware: exe.exe Removed: C:\Documents and Settings\Administrator\Application Data\antispy.exe C:\WINDOWS\Tasks\At1.job /…/ C:\WINDOWS\Tasks\At24.job —————————————————————————————————————————- Detected by UnHackMe: Item Name: shell Author: Unknown Related File: C:\Documents and Settings\Administrator\Application Data\antispy.exe Type: User Shell Item Name: At1 Author: Microsoft Corporation Related File: C:\WINDOWS\system32\MSHTA.EXE Type: Scheduled Tasks Item Name: At2 Author: Microsoft Corporation Related File: C:\WINDOWS\system32\MSHTA.EXE Type: Scheduled Tasks /…/ Item Name: […]
More…