Trojan.FakeAV!gen40
Trojan.FakeAV!gen40 is a Trojan infection that may display fake security warnings on a compromised PC. Trojan.FakeAV!gen40 is able to secretly infect a machine and run automatically. Trojan.FakeAV!gen40 will steal a victim's confidential information and send it to a remote server via HTTP. Trojan.FakeAV!gen40 may also download additional malware onto the system. Remove Trojan.FakeAV!gen40 from your system promptly after detection.
File System Details
Trojan.FakeAV!gen40 may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %AppData%\Microsoft\svchost.exe | |
| 2. | %AppData%\Microsoft\Windows\shell.exe | |
| 3. | %Temp%\dwm.exe | |
| 4. | %AppData%\Microsoft\stor.cfg |
Registry Details
Trojan.FakeAV!gen40 may create the following registry entry or registry entries:
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
ProxyEnable =
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
