How to remove AliMiserUpdate_AVG_RESTORED.exe

» File
File Details
Overview
Analysis

AliMiserUpdate_AVG_RESTORED.exe

The module AliMiserUpdate_AVG_RESTORED.exe has been detected as Ransom.Wacatac

AliMiserUpdate_AVG_RESTORED.exe

Remove AliMiserUpdate_AVG_R

File Details

Main Info:

Product Name:	TODO: <产品名>
MD5:	689a96f71161190a8193d8d7d7341e6b
Size:	111 KB
First Published:	2017-05-21 04:02:47 (8 years ago)
Latest Published:	2021-12-19 21:33:19 (3 years ago)

Analysis:

Status:	Ransom.Wacatac (on last analysis)
Analysis Date:	2021-12-19 21:33:19 (3 years ago)

Overview

Digital Signature

Signed By:	TAOBAO (CHINA) SOFTWARE CO.,LTD.
Status:	Valid

Common Places:

%programfiles%\taobaoprotect

%appdata%\taobaoprotect

%profile%\ser\application data\taobaoprotect

%sysdrive%\notebook\users\константин\appdata\roaming

%sysdrive%\notebook\program files (x86)

File Names:

AliMiserUpdate.exe

AliMiserUpdate_AVG_RESTORED.exe

Geography:

	38.4%
	33.6%
	12.2%
	2.5%
	1.9%
	1.5%
	1.2%
	1.2%
	0.9%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.4%
	0.4%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.3%
	0.1%
	0.1%

OS Version:

Windows 10	51.3%
Windows 7	41.4%
Windows 8.1	5.7%
Windows XP	1.5%
Windows 8	0.1%

Analysis

PE Info:

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x0004b470

PE Sections:

Name	Size of data	MD5
UPX0	0	00000000000000000000000000000000
UPX1	104448	2c64e7381e2127dd2b4911d5937a3610
.rsrc	2048	c1cbfb8c16d8747a8bb6d8ec88ad00e2

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for AliMiserUpdate_AVG_RESTORED.exe

copyright for information about AliMiserUpdate_AVG_RESTORED.exe