Troj/FakeAV-AZQ is a Trojan for the Windows platform.
Troj/FakeAV-AZQ includes functionality to access the internet and communicate with a remote server via HTTP.
Troj/FakeAV-AZQ communicates via HTTP with the following locations:
asertubarilos . com
tulibonerduma . com
When Troj/FakeAV-AZQ is installed, it creates the file <User>\Local Settings\Application Data\av.exe.
The following registry entries are set, affecting internet security:
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
    DoNotAllowExceptions
    DisableNotifications
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
    DoNotAllowExceptions
    DisableNotifications