Troj/FakeAV-AOY

Category: Viruses and Spyware Protection available since:11 Jan 2010 11:57:29 (GMT)
Type: Trojan Last Updated:11 Jan 2010 11:57:29 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/FakeAV-AOY is a Trojan for the Windows platform.

Troj/FakeAV-AOY includes functionality to:

- run automatically
- create batch scripts
- access the internet and communicate with a remote server via HTTP

Troj/FakeAV-AOY downloads more malware via HTTP.

When Troj/FakeAV-AOY is installed it creates the file <User>\Application Data\<random number>\<random number>.exe.

The following registry entry is created to run 00676423.exe on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
<random number>
<User>\APPLIC~1\<random number>\<random number>.exe

Registry entries are created under:

HKLM\SOFTWARE\<random number>

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy