Skip to main content
Published Mar 06, 2009 | Updated Sep 15, 2017

TrojanDownloader:Win32/FakeScanti

Detected by Microsoft Defender Antivirus

Aliases: Win Antivirus Vista/XP (other) ASC-AntiSpyware (other) Win-Trojan/Fraudload.220680 (AhnLab) Trojan.Generic.1524502 (BitDefender) Win32/TrojanDownloader.FakeAlert.YX (ESET) Trojan-Downloader.Win32.FraudLoad.vlsh (Kaspersky) Generic Downloader.x (McAfee) W32/DLoader.OZFZ (Norman) Adware/Xpantivirus2008 (Panda) Mal/Inet-Fam (Sophos) Trojan.DL.FraudLoad.CGS (VirusBuster) Win32/WindowsPolicePro.A (CA)

Summary

Win32/FakeScanti is a family of trojans that claim to scan for malware and display fake warnings of “malicious programs and viruses”. They then inform the user that they need to pay money to register the software in order to remove these non-existent threats. Win32/FakeScanti variants have been observed to use names such as “Windows Antivirus Pro.”
 
Special Note:
Reports of Rogue Antivirus programs have been more prevalent as of late.  These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software.  Some of these programs may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products. 
 
To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:
 
 
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:
 
 
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
Follow us