English 
Deutsch
Español
Français
Portuguese
Mal/FakeAV AY Mal/FakeAV-AY
By
ZulaZuza in 
Loading ...
Mal/FakeAV-AY Description
Mal/FakeAV-AY is a Trojan horse that may harm your system or its network environment. Mal/FakeAV-AY may spread via freeware downloads or unsolicited e-mail attachments and links. Mal/FakeAV-AY may also disguise itself as a legitimate security tool or include a compromised computer in botnet activities. Remove Mal/FakeAV-AY at your earliest convenience.
Type: Trojans
How Can You Detect Mal/FakeAV-AY?
Mal/FakeAV-AY has typically the following processes in memory:
- %Temp%\c.exe
- %Temp%\a.exe
- %Temp%\sshnas.dll
- %Temp%\b.exe
- %System%\sshnas.dll
- %Windir%\msa.exe
Mal/FakeAV-AY creates the following registry entries:
- [HKEY_CURRENT_USER\Software\MailBlocker]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSHNAS\Parameters]
- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSHNAS\Parameters]
- [HKEY_CURRENT_USER\Software\Minisoft]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSHNAS]
- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSHNAS]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSHNAS\Security]
- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSHNAS\Security]
Important Article Disclaimer
This entry was posted on 11/24/09 and is filed under Trojans.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
