6 entries found.
Antivirus2009
Updated on Jan 19, 2010
Antivirus 2009 is a variant of Win32/FakeXPA - a family of programs that claims to scan for malware and displays fake warnings of “malicious programs and viruses”. They then inform the user that they need to pay money to register the software in order to remove these non-existent threats. Some members of the Win32/FakeXPA family may also download additional malware and have been observed in the wild downloading variants of Win32/Alureon.
Special Note:
Reports of Rogue Antivirus programs have been more prevalent as of late. These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs, such as Trojan:Win32/Antivirusxp and Program:Win32/FakeRednefed may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products. These products may represent themselves as “Antivirus XP”, “AntivirusXP 2008”, “WinDefender 2008”, “XP Antivirus”, or similar.
Reports of Rogue Antivirus programs have been more prevalent as of late. These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs, such as Trojan:Win32/Antivirusxp and Program:Win32/FakeRednefed may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products. These products may represent themselves as “Antivirus XP”, “AntivirusXP 2008”, “WinDefender 2008”, “XP Antivirus”, or similar.
Use Microsoft Windows Defender, Microsoft Security Essentials, the Microsoft Safety Scanner, or another up-to-date scanning and removal tool to detect and remove this threat and other unwanted software from your computer. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx.
Alert level:
low
Program:Win32/Antivirus2009
Updated on Jul 29, 2008
This program was detected by definitions prior to 1.159.567.0 as it violated the guidelines by which Microsoft identified unwanted software. Based on analysis using current guidelines, the program does not have unwanted behaviors.
Alert level:
high
TrojanDownloader:Win32/Renos.gen!BA
Updated on Jan 08, 2009
Win32/Renos.gen!BA is a generic detection for a family of trojan downloaders that display fake warning messages indicating that spyware or malware has been detected on the machine, before downloading rogue security products, most notably Program:Win32/Antivirusxp or Trojan:Win32/FakeXPA. In the wild, Win32/Renos.gen!BA has been distributed via spam e-mail messages.
Alert level:
severe
Rogue:Win32/FakeYak
Updated on Aug 18, 2010
Rogue:Win32/FakeYak is a family of fake antivirus products, using names such as Zentom System Guard or Antimalware Doctor, that claim to scan for malware and display fake warnings of malicious files. They then inform the user that they need to pay money to register the software in order to remove these non-existent threats.
Alert level:
severe
Rogue:Win32/FakeFast
Updated on Aug 18, 2010
Win32/FakeFast is a family of programs that claims to scan for malware and displays fake warnings of "malicious programs and viruses". They then inform the user that they need to pay money in order to remove these non-existent threats.
Alert level:
severe
Rogue:Win32/FakeCog
Updated on Sep 15, 2010
Windows Defender Antivirus detects and removes this threat.
This threat claims to scan your PC for malware and then shows you fake warnings. They try to convince you to pay to register the software to remove the non-existent threats.
See the Win32/FakeCog description for more information.
Alert level:
severe