Win32/FakeScanti is a rogue that claims to scan for malware and displays fake warnings of "malicious programs and viruses". It tells you that you need to pay to register this fake program and remove the non-existent threats. Win32/FakeScanti variants have been observed to use names like:

• AKM Antivirus Pro
• AV Guard Online
• BlueFlare Antivirus
• Guard Online
• Milestone Antivirus
• Open Cloud AV
• OpenCloud Antivirus
• Security Guard 2012
• Sysinternals Antivirus
• Windows Antivirus Pro
• Windows Police Pro
• XJR Antivirus
• Your PC Protector

AV Security 2012 is a variant of Win32/FakeScanti - a family of trojans that claim to scan for malware and display fake warnings of "malicious programs and viruses". It then informs the user that they need to pay money to register the software in order to remove these non-existent threats. The malware may also attempt to terminate processes and block access to websites.

AV Guard Online is a variant of Win32/FakeScanti - a family of trojans that claim to scan for malware and display fake warnings of "malicious programs and viruses". It then informs the user that they need to pay money to register the software in order to remove these non-existent threats. The malware may also attempt to terminate processes and block access to websites.

BlueFlare Antivirus is a variant of Win32/FakeScanti - a family of trojans that claim to scan for malware and display fake warnings of "malicious programs and viruses". It then informs the user that he needs to pay money to register the software in order to remove these non-existent threats. The malware may also attempt to terminate processes and block access to websites.

OpenCloud Security is a variant of Win32/FakeScanti - a family of trojans that claim to scan for malware and display fake warnings of "malicious programs and viruses". It then informs the user that they need to pay money to register the software in order to remove these non-existent threats. The malware may also attempt to terminate processes and block access to websites.

Open Cloud AV is a variant of Win32/FakeScanti - a family of trojans that claim to scan for malware and display fake warnings of "malicious programs and viruses". It then informs the user that they need to pay money to register the software in order to remove these non-existent threats. The malware may also attempt to terminate processes and block access to websites.

OpenCloud Antivirus is a variant of Win32/FakeScanti - a family of trojans that claim to scan for malware and display fake warnings of "malicious programs and viruses". It then informs the user that they need to pay money to register the software in order to remove these non-existent threats. The malware may also attempt to terminate processes and block access to websites.

Security Guard 2012 is a variant of Win32/FakeScanti - a family of trojans that claim to scan for malware and display fake warnings of "malicious programs and viruses". It then informs the user that they need to pay money to register the software in order to remove these non-existent threats. The malware may also attempt to terminate processes and block access to websites.

System Security 2012 is a variant of Win32/FakeScanti - a family of trojans that claim to scan for malware and display fake warnings of "malicious programs and viruses". It then informs the user that they need to pay money to register the software in order to remove these non-existent threats. The malware may also attempt to terminate processes and block access to websites.

Windows Defender Antivirus detects and removes this threat. See the Win32/FakeScanti description for more information.

This threat has been renamed to Rogue:Win32/FakeScanti.

Sysinternals Antivirus is a variant of Win32/FakeScanti - a family of programs that claims to scan for malware and displays fake warnings of “malicious programs and viruses”. They then inform the user that they need to pay money to register the software in order to remove these non-existent threats.

Wireshark Antivirus is a variant of Win32/FakeScanti - a family of programs that claims to scan for malware and displays fake warnings of “malicious programs and viruses”. They then inform the user that they need to pay money to register the software in order to remove these non-existent threats.

Win32/FakeScanti is a family of trojans that claim to scan for malware and display fake warnings of “malicious programs and viruses”. They then inform the user that they need to pay money to register the software in order to remove these non-existent threats. Win32/FakeScanti variants have been observed to use names such as “Windows Antivirus Pro.”

 

Special Note:
Reports of Rogue Antivirus programs have been more prevalent as of late.  These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software.  Some of these programs may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products. 

 

To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:

 

• Microsoft Security Essentials
• Windows Defender
• Microsoft Safety Scanner
• Microsoft Windows Malicious Software Removal Tool

 

For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.