high
Summary
Summary
Action- More Information
| Affected operating systems | Windows |
|---|---|
| Characteristics |
|
| Protection available since | 24 October 2007 00:52:50 (GMT) |
| Detected by | All Sophos products |
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
Action
- Summary
- Action
- More Information
Please follow the instructions for removing Trojans.
More Information
Troj/FakeVir-AK is a Trojan for the Windows platform.
When run Troj/FakeVir-AK installs itself under <Program Files>\SunshineSpy. The following files are installed:
- <Program Files>\SunshineSpy\UNWISE.EXE - clean, can be deleted
- <Program Files>\SunshineSpy\Check Updates.url - clean, can be deleted
- <Program Files>\SunshineSpy\Sunshine Solutions Inc..url - clean, can be deleted
- <Program Files>\SunshineSpy\1.mp3 - clean, can be deleted
- <Program Files>\SunshineSpy\2.mp3 - clean, can be deleted
- <Program Files>\SunshineSpy\3.mp3 - clean, can be deleted
- <Program Files>\SunshineSpy\clean.jpg - clean, can be deleted
- <Program Files>\SunshineSpy\completed.mp3 - clean, can be deleted
- <Program Files>\SunshineSpy\cp32.dll - detected as Troj/FakeVir-AK
- <Program Files>\SunshineSpy\exit.jpg - clean, can be deleted
- <Program Files>\SunshineSpy\index.htm - clean, can be deleted
- <Program Files>\SunshineSpy\sirena.mp3 - clean, can be deleted
- <Program Files>\SunshineSpy\sunio.sys - detected as Troj/FakeVir-AK
- <Program Files>\SunshineSpy\Sunshine.exe - detected as Troj/FakeVir-AK
- <Program Files>\SunshineSpy\wall.htm - clean can, be deleted
- <Program Files>\SunshineSpy\INSTALL.LOG - clean, can be deleted
Registry entries are created under:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sunshine Spy 1.0\
HKLM\SOFTWARE\Wise Solutions\Wise Installation System\Repair\C:/Program Files/SunshineSpy
Troj/FakeVir-AK prevents running of most applications under Windows and thus cripples the computer.
Troj/FakeVir-AK provokes the user with fake virus-spyware warning messages and tries to force the user to purchase an anti-virus and anti-spyware product.
Troj/FakeVir-AK provides an uninstall option which can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as "Sunshine Spy 1.0". Troj/FakeVir-AK prevents the user from trying to uninstall any program.
Troj/FakeVir-AK also incorporates stealthing.
|
