Win32/FakeVimes

Win32/FakeVimes Description

Win32/FakeVimes is a Windows platform infection that can cause damage to a computer system. Win32/FakeVimes is often associated with rogue security applications and once it is inside a machine, it may generate fake security warnings and scanners. Use an effective security tool to remove this threat as soon as possible.

Aliases: Trojan.FakeAV.LEO [BitDefender], TROJ_ZBOT.CEX, a variant of Win32/Kryptik.GUW [NOD32], Trojan/Generic.zfrt, Gen:Variant.Barys.905 [BitDefender], Win32.TRATRAPS [eSafe], Win32:Kryptik-HWP [Trj] [Avast], TROJ_GEN.R49C7CD, W32/Troj_Generic.AKYYL, Trojan.Kryptik!97nVzYd5I8o, FakeAlert-FBO!B33E80FC0218 [McAfee], probably a variant of Win32/Agent.PGCLXV, Trojan.Win32.Encpk.lee.b (v), W32/Troj_Generic.CMULY and Trojan.FakeAV!wDpIwY+eDm8.

Technical Information

File System Details

Win32/FakeVimes creates the following file(s):
# File Name Size MD5 Detection Count
1 %ALLUSERSPROFILE%\Application Data\0cdb4f\BA0cd_8001.exe 4,046,848 ca3aeda1e62cccfdc148c947aeeeebd5 71
2 %TEMP%scandsk107d_8046[1].exe 95,237 bb38279988fcd5dfb313ac7803588daf 53
3 %ALLUSERSPROFILE%\cda02e\BVcda_8039.exe 2,958,336 41697fb087b9d3924ad4d465e533cc48 52
4 %ALLUSERSPROFILE%\f0f852\TAf0f_8068.exe 3,682,816 1570e3d543406a1aac419a033bb701f9 50
5 %TEMP%scandsk107d_8001[1].exe 137,221 96943fd9b02fa996f348d7ce867c012b 15
6 %TEMP%scandsys107f_8028.exe 138,245 ea088f10a1b9297f71c4b1f1f5dbaa61 13
7 %ALLUSERSPROFILE%\d27d5f\MPd27_8051.exe 3,406,336 92942c6a4924ebf85f58c2591452474e 13
8 %ALLUSERSPROFILE%\5e8e21\TA5e8_8044.exe 3,652,608 6d6a5c7e9d8522f35a56237a0a6c09ec 11
9 %ALLUSERSPROFILE%\Application Data\aba85f\BAaba_8028.exe 4,046,848 fc23a98def665c7ae23136ffdfbe268f 8
10 %ALLUSERSPROFILE%\Datos de programa\f4b3c7\AVf4b_8050.exe 4,210,688 d30f14b57d841c5ed78449d9d1d8f060 4
11 %ALLUSERSPROFILE%\d444da\APd44_8028.exe 2,957,824 b33e80fc0218e4e268e243422e37a87a 4
12 %ALLUSERSPROFILE%\Application Data\80c9f0\AS80c_8020.exe 3,404,288 53e00c57e1c105c837fc64d6813d2663 3
13 %TEMP%scandsk107d_8028[1].exe 119,301 e8ca18008b508982c12c9b04307a7e90 3
14 %ALLUSERSPROFILE%\Application Data\db49d8\AAdb4_8048.exe 3,864,576 ae492045c2e412f3c0732bd20f468e20 3
15 %ALLUSERSPROFILE%\98f754\MP98f_8050.exe 3,390,976 8e7ec460af8c49dfb104123e9bd0b5aa 2
16 %ALLUSERSPROFILE%\a89acb\AVa89_8050.exe 3,379,712 fdad5e201d698b3d66c5bb45b94e3c12 2
17 %ALLUSERSPROFILE%\Application Data\d8da93\AVd8d_8050.exe 3,392,512 3b3d15d3b26918819ccbafabe13f9502 2
18 %ALLUSERSPROFILE%\Application Data\81a26c\TA81a_8068.exe 3,649,536 ab23544a651bedbeee1d6da6bb8f401b 2
19 %ALLUSERSPROFILE%\Application Data\050659\MP050_8032.exe 3,408,384 1b3324938817cd0c4d700d4acb2f02bb 1
20 %TEMP%0.6567048221346792.exe 215,557 1d3c9c66bfb6e0431764de1a0dc6d058 1
21 %TEMP%0.0013807596795621935.exe 92,165 b1f6225e4f291f0030d27af3e2f9cc39 1
22 %ALLUSERSPROFILE%\Application Data\2ff31a\BA2ff_8001.exe 4,765,696 fc649800fbb20ea1fc4c0bd4fe3921b3 1
23 %ALLUSERSPROFILE%\Application Data\676476\BA676_8028.exe 4,029,440 6ed6d330cda226bb3cf8d9948b95b24c 1
24 %ALLUSERSPROFILE%\Application Data\62bbfd\BA62b_8001.exe 4,030,976 a70a88be1fc5b481dc9065a349de3764 1
25 %ALLUSERSPROFILE%\62160b\BA621_8097.exe 4,168,704 d7d10ccece823eb9aefd5b401f79e16e 1
26 %ALLUSERSPROFILE%\Application Data\7e92d9\BA7e9_8028.exe 4,145,152 08d9a59ffab33559c38c4e3f323dbfb4 1
27 %ALLUSERSPROFILE%\1abfdc\BA1ab_8028.exe 4,145,152 7387055fa87c5771d984a196da5e90b4 1
More files

Related Posts

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.