Troj/FakeVir-EC is a Trojan for the Windows platform.
Troj/FakeVir-EC includes functionality to access the internet and communicate with a remote server via HTTP.
When Troj/FakeVir-EC is installed, the following files are created:
<User>\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk
<Desktop>\Antivirus 2009.lnk
<User>\Start Menu\Antivirus 2009\Antivirus 2009.lnk
<User>\Start Menu\Antivirus 2009\Uninstall Antivirus 2009.lnk
<System>\scui.cpl
The file scui.cpl is detected as Troj/FakeVir-DE.
Registry entries are set as follows:
HKCU\Software\1118259503360352EE046D861A26B796\Options
    pPath
    <pathname of the Trojan executable>
HKLM\SOFTWARE\Microsoft\Internet Explorer
    UserSession
    1118259503360352EE046D861A26B796
Registry entries are created under:
HKCU\Software\1118259503360352EE046D861A26B796\Options