TROJ_FAKEAV.CLS
Posted: February 24, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 9,267 |
|---|---|
| Threat Level: | 2/10 |
| Infected PCs: | 47,573 |
| First Seen: | February 24, 2012 |
|---|---|
| Last Seen: | October 4, 2023 |
| OS(es) Affected: | Windows |
TROJ_FAKEAV.CLS is a Trojan downloader that's used to install fake anti-virus applications and related PC threats. Due to TROJ_FAKEAV.CLS's recent stream of propagation throughout fake Amy Winehouse news sites, SpywareRemove.com malware experts warn to exercise caution for unusual sites that appear in search results, even if a reputable search engine is used. However, at the time of this writing, all confirmed TROJ_FAKEAV.CLS-distributing sites that use standard search engine exploits to modify their listings have been shut down by appropriate authorities, and TROJ_FAKEAV.CLS's brief reign of terror may already be over. Despite this, since TROJ_FAKEAV.CLS circumvents your computer's security and can be a significant danger to your PC, you should be prepared to remove TROJ_FAKEAV.CLS via a reputable anti-malware product's scan as soon as you suspect even the slightest possibility of TROJ_FAKEAV.CLS being on your computer.
TROJ_FAKEAV.CLS – a Scamware Assistant That's Happy to Vanish at a Moment's Notice
Although TROJ_FAKEAV.CLS uses standard Windows Registry-based exploits to launch itself and can, thus, be detected by anti-malware programs without difficulty, TROJ_FAKEAV.CLS does use other functions to hide itself from standard scans. TROJ_FAKEAV.CLS will terminate its own process temporarily if TROJ_FAKEAV.CLS detects sandbox utilities, virtual machine tools, anti-malware scanners or related types of security applications. This may make it difficult to find or remove TROJ_FAKEAV.CLS, and SpywareRemove.com malware researchers recommend that you start initial scans for TROJ_FAKEAV.CLS in Safe Mode and make sure that your anti-malware software has an up-to-date threat database.
TROJ_FAKEAV.CLS may also act to block anti-malware utilities and other programs from running, once again, due to Windows Registry changes – in this case, changes that exploit Windows' debugging function to launch a modified version of the program. TROJ_FAKEAV.CLS was first reported in the middle of 2011, but recent attacks were noted to distribute TROJ_FAKEAV.CLS via malicious websites in 2012. Naturally, SpywareRemove.com malware analysts recommend that you treat any potential TROJ_FAKEAV.CLS infection as a significant danger to your computer's security that should be removed with nigh-violent haste.
How TROJ_FAKEAV.CLS Gets to Your PC and the Results of Its Work
Modern TROJ_FAKEAV.CLS attacks are noted for their presence on malicious websites that exploited black hat SEO (in other words, search engine optimization) techniques to force themselves to the top of results lists for popular search engines. TROJ_FAKEAV.CLS has, so far, been noted to limit itself to sites that claim to offer news about the demise of Amy Winehouse, and although all such identified sites have been closed, other sites may continue TROJ_FAKEAV.CLS's propagation scheme in the future.
When TROJ_FAKEAV.CLS does have access to websites that allow TROJ_FAKEAV.CLS to update itself and continue its other functions, TROJ_FAKEAV.CLS will try to download and install malware without permission – including rogue anti-malware, security or system analysis products. SpywareRemove.com malware research team recommends that you be cautious about the possibility of fake alerts and warning messages that are often a byproduct of the presence of TROJ_FAKEAV.CLS's payload. TROJ_FAKEAV.CLS is specific to Windows 2000, Server 2003 and Windows XP, and you have the leisure of considering yourself safe from TROJ_FAKEAV.CLS if you use a different OS.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.