Threat Database Malware Malware.FakeMsMessage

Malware.FakeMsMessage

By CagedTech in Malware

Threat Scorecard

Ranking: 11,606
Threat Level: 100 % (High)
Infected Computers: 20,629
First Seen: November 11, 2015
Last Seen: January 4, 2025
OS(es) Affected: Windows

SpyHunter Detects & Remove Malware.FakeMsMessage

File System Details

Malware.FakeMsMessage may create the following file(s):
# File Name MD5 Detections
1. sm.exe 4bab8c81e0c1c90fa2f396a8d5191633 625
2. windows error.vbs 9bdd4f6736a0dd80c5a06a9ff17dd660 69
3. RDBooster.exe 64b87f0b8e6a0219781743ad482cb2d7 47
4. auto explore.bat 35ff73e844218a7736a7407111ba284d 44
5. MS Office Activation.exe 1c3049d69b5eed868d89bdcb1c940fa2 32
6. Google.exe 871fd8652d685f50fa1a81ff01629695 31
7. ClicktwoApp.exe ec71d7c0172224f26f4d578be906441c 26
8. WinDefend.exe c986a66b2c872c2c617c3b627aa7a229 26
9. Bheega.exe 16bca35fd239198cc0389a36f96f2dc2 25
10. Bheegaup.exe 1f4125dfb734f39305e69e8b5e02f07d 22
11. WindowsVerifier.exe ec4a26eff4cc1d28f49fd1604b95515f 11
12. offer1.exe e2b4dfff68e313792773d45749ac5938 8
13. e.bat 142983e919799c3ce7a46e8de8f9d775 7
14. call.vbs f707cb5e45fc4626a26053fa28182374 5
15. Network Cleaner.hta 9af26e733894c5d41fdaacdfc26c9122 5
16. fatalerror.exe 82a6e1204cc912118be34ef1d7cdc964 4
17. Adobe Flash Player.exe bf4542eb5ad940249884ebc4c145b9de 4
18. windows_update.exe fa2d7fcb01836e68a386a652af5c0707 4
19. msqrtt.exe 6d0dd0e5a330c74dc050aa1ff5ce5cd7 4
20. sysuoi.exe ece03144ac1a19561544c659b333fc84 3
21. ecfd75a2f55b3cacb535060cd88b88eb9048eb6b00f1220010371ace56375721.exe 40c0f73c336771dadbaa7df2eb6e61c3 2
22. back1.exe 3009c77b81be6c5b3c9b9143508ffbb3 2
23. sysui.exe 068f1381d99c0d3fedb3fdc56efe5929 2
24. Feederup.exe f13dfcf495531f13ef381e32a1e8afbf 1
25. MICROSOFT ALERT.exe 541d647fbcb70dbbfcdd7297455f1514 1
26. explorer7.exe 0e203cb67afb36f2cceb8939b0e49367 1
27. file.exe cb219109a658cc1312b5b91335914227 0
28. FRONT 5.EXE c0e6bc6a2e6fe9f967d92be70b4f4b7b 0
More files

Registry Details

Malware.FakeMsMessage may create the following registry entry or registry entries:
Regexp file mask
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\DefenderUpdater.vbs
%APPDATA%\System Monitor\sm.exe
%LOCALAPPDATA%\feeder\feeder.exe
%PROGRAMFILES(x86)%\Microsoft Corporation\NotificationWindow.dll
%PROGRAMFILES(x86)%\Microsoft Corporation\SystemAlert.[RANDOM CHARACTERS]
%PROGRAMFILES(x86)%\Microsoft Corporation\SystemAlert.exe
%PUBLIC%\Documents\updator.exe
%PUBLIC%\Documents\VinCE\BRN.log
%PUBLIC%\Documents\WIN32\WBCRP.exe
%WINDIR%\microsoft.exe
%WINDIR%\System32\Tasks\VinCE
SOFTWARE\Microsoft\Tracing\nerta_RASAPI32
SOFTWARE\Microsoft\Tracing\nerta_RASMANCS
SOFTWARE\Microsoft\Tracing\Wiindows_RASAPI32
SOFTWARE\Microsoft\Tracing\Wiindows_RASMANCS
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\MICROSOFT ALERT.exe
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\Nerta.lnk
SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AppUpdator
Software\Microsoft\Windows\CurrentVersion\Run\Winkavexe
SOFTWARE\Wow6432Node\Microsoft\Tracing\Wiindows_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\Wiindows_RASMANCS
SOFTWARE\Wow6432Node\windowsactivate

Directories

Malware.FakeMsMessage may create the following directory or directories:

%APPDATA%\Tune_Updater
%APPDATA%\msqrt
%LOCALAPPDATA%\Dynamation
%LOCALAPPDATA%\WinDan
%LOCALAPPDATA%\WinKav
%LOCALAPPDATA%\Windowactivation
%LOCALAPPDATA%\clicktwo
%LOCALAPPDATA%\winmas
%LOCALAPPDATA%\winone
%PROGRAMFILES%\Power Update
%PROGRAMFILES(x86)%\Active Pro
%PROGRAMFILES(x86)%\DrivePro
%PROGRAMFILES(x86)%\Error Finder
%PROGRAMFILES(x86)%\July Power Update
%PROGRAMFILES(x86)%\Productkeyupdate
%PROGRAMFILES(x86)%\Registry Cleaner\Registry Cleaner
%PROGRAMFILES(x86)%\Stlr\nerta
%PROGRAMFILES(x86)%\WindowsActivationError
%PROGRAMFILES(x86)%\WindowsActivationUpdate
%PROGRAMFILES(x86)%\Windows\Error file remover
%PROGRAMFILES(x86)%\windowsactivate
%PUBLIC%\Documents\drivepro
%USERPROFILE%\Local Settings\Application Data\WinKav

URLs

Malware.FakeMsMessage may call the following URLs:

//smart-screen.host
error-error.azurewebsites.net
fast-online-virus-scanner.info
microsoftstoers.com
nwtzz1.nbtrk0.com
tom007.site
win-help14.s3-accelerate.amazonaws.com

Trending

Most Viewed

Loading...