Mal/FakeAV-AY
Mal/FakeAV-AY is a Trojan horse that may harm your system or its network environment. Mal/FakeAV-AY may spread via freeware downloads or unsolicited e-mail attachments and links. Mal/FakeAV-AY may also disguise itself as a legitimate security tool or include a compromised computer in botnet activities. Remove Mal/FakeAV-AY at your earliest convenience.
File System Details
Mal/FakeAV-AY may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %Temp%\c.exe | |
| 2. | %Temp%\a.exe | |
| 3. | %Temp%\sshnas.dll | |
| 4. | %Temp%\b.exe | |
| 5. | %System%\sshnas.dll | |
| 6. | %Windir%\msa.exe | |
| 7. | %Temp%\a.dat | |
| 8. | %Windir%\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job | |
| 9. | %Windir%\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job |
Registry Details
Mal/FakeAV-AY may create the following registry entry or registry entries:
[HKEY_CURRENT_USER\Software\MailBlocker]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSHNAS\Parameters]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSHNAS\Parameters]
[HKEY_CURRENT_USER\Software\Minisoft]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSHNAS]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSHNAS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSHNAS\Security]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSHNAS\Security]
