Troj/FakeAV-AIB is a Trojan for the Windows platform.
Troj/FakeAV-AIB includes functionality to:
- run automatically
- steal confidential information
- access the internet and communicate with a remote server via HTTP
Troj/FakeAV-AIB communicates via HTTP with the following locations:
212 . 117 . 161 . 142
When Troj/FakeAV-AIB is installed, the following files are created:
<Root>\SafetyCenter\main.ico
<Root>\SafetyCenter\new.exe
<Root>\SafetyCenter\protector.exe
<Root>\SafetyCenter\sound.wav
<Root>\SafetyCenter\start.exe
<Root>\SafetyCenter\tst.exe
<Root>\SafetyCenter\uninstall.exe
Registry entries are created under:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SafetyCenter
HKCU\Software\SafetyCenter