Trojan.FakePowavTrojan.FakePowav is further classified by many experts as the following: * Worm * Cloaked Malware The following are symptoms associated with this type of malicious application: * Allows parasites associated with the file to operate invisibly in the background. * May record your credit cards, bank passwords and other personal information. * Parasites operate on your PC while malicious file is present on the system. Trojan.FakePowav has been seen to perform the following behavior: * Adds a Registry Key (RUN) to auto start Programs on system start up * Reads your outlook address book * This process creates other processes on disk * This Process is a file infector which modifies program files to include a copy of the infection * Looks at the contents of the autoexec.bat file * Includes file creation code which could be used to test for interception by security products * Opens browser pop ups * Found on infected systems and resists interrogation by security products * Created as a process on disk * Executed as a Process * Added as a Registry auto start to load Program on Boot up * Terminated as a Process * Deleted as a process from disk We recommend running a scan of the infected computer in order to detect any additional spyware threats. One should make use of a legitimate antispyware tool, to ensure this PC threat, Trojan.FakePowav, is totally eradicated from the infected system. | ||
| ||
|
Danger level: 
8
8
How to manually remove Trojan.FakePowav
Files associated with Trojan.FakePowav infection:
Rapid Antivirus.exe
lsascs.exe
Power-Antivirus-2009.exe
s_5849_OTl8fHx8OTl8fHwxMjQzNDc4NDcxfA_.dbx
lsascs.exe
Power-Antivirus-2009.exe
s_5849_OTl8fHx8OTl8fHwxMjQzNDc4NDcxfA_.dbx
Trojan.FakePowav processes to kill:
Rapid Antivirus.exe
lsascs.exe
Power-Antivirus-2009.exe
lsascs.exe
Power-Antivirus-2009.exe
Remove Trojan.FakePowav registry entries:
RUNNING PROGRAMPower-Antivirus-2009.exe
RUNNING PROGRAMRapid Antivirus.exe
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN System Protector
HKEY_CURRENT_USERSOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN Power-Antivirus-2009
RUNNING PROGRAMs_5849_OTl8fHx8OTl8fHwxMjQzNDc4NDcxfA_.dbx
RUNNING PROGRAM\Power-Antivirus-2009.exe
RUNNING PROGRAM\Rapid Antivirus.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ System Protector
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Power-Antivirus-2009
RUNNING PROGRAM\s_5849_OTl8fHx8OTl8fHwxMjQzNDc4NDcxfA_.dbx
RUNNING PROGRAMRapid Antivirus.exe
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN System Protector
HKEY_CURRENT_USERSOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN Power-Antivirus-2009
RUNNING PROGRAMs_5849_OTl8fHx8OTl8fHwxMjQzNDc4NDcxfA_.dbx
RUNNING PROGRAM\Power-Antivirus-2009.exe
RUNNING PROGRAM\Rapid Antivirus.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ System Protector
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Power-Antivirus-2009
RUNNING PROGRAM\s_5849_OTl8fHx8OTl8fHwxMjQzNDc4NDcxfA_.dbx
Post comment — WE NEED YOUR OPINION!