Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
22 entries found. Displaying page 1 of 2.
Updated on Sep 05, 2014

Windows Defender detects and removes this threat.

This rogue security program falsely claims that your PC is infected with malware. It then encourages you to pay for a product to remove the "threats" from your PC.

See the Win32/FakeSpypro family description for more information.

Alert level: severe
Updated on May 20, 2014

Windows Defender detects and removes this threat.

This rogue security program falsely claims that your PC is infected with malware. It then encourages you to pay for a product to remove the "threats" from your PC.

See the Win32/FakeSpypro family description for more information.

Also detected as: Rogue:Win32/FakeSpypro(Microsoft)
Alert level: low
Updated on Sep 05, 2014

Windows Defender detects and removes this threat.

This family of rogue security programs pretend to scan your PC for malware, and often report lots of infections. The program will say you have to pay for it before it can fully clean your PC.

However, the program hasn't really detected any malware at all and isn't really an antivirus or antimalware scanner. It just looks like one so you'll send money to the people who made the program. Some of these programs use product names or logos that unlawfully impersonate Microsoft products.

Different brands of the rogues may modify various settings on your computer, end or close programs or system services, or block access to websites.

Find out ways that malware can get on your PC.

Alert level: high
Updated on May 16, 2015
Alert level: severe
Updated on May 20, 2014

Windows Defender detects and removes this threat.

This rogue security program falsely claims that your PC is infected with malware. It then encourages you to pay for a product to remove the "threats" from your PC.

See the Win32/FakeSpypro family description for more information.

Alert level: severe
Updated on May 20, 2014

Windows Defender detects and removes this threat.

This rogue security program falsely claims that your PC is infected with malware. It then encourages you to pay for a product to remove the "threats" from your PC.

See the Win32/FakeSpypro family description for more information.

Alert level: low
Updated on Mar 31, 2011
Alert level: severe
Updated on Apr 11, 2011
TrojanDropper:Win32/Fainli.A is a trojan that drops several malware in the computer.
Alert level: severe
Updated on Apr 11, 2011
PWS:Win32/Dumcus.A is a password stealing trojan. It may also download a rogue security program that calls itself Spywrprotect2009 to the affected machine. This program may be detected as Trojan:Win32/FakeSpyPro.
Alert level: severe
Updated on Apr 20, 2011

TrojanDropper:Win32/Hiloti.gen!A drops and installs several malware into the affected computer.

Alert level: severe
Updated on Apr 11, 2011
Antispyware Soft is a variant of Win32/FakeSpypro - a family of programs that claims to scan for malware and displays fake warnings of “malicious programs and viruses”. They then inform the user that they need to pay money to register the software in order to remove these non-existent threats.
 
Special Note:
Reports of Rogue Antivirus programs have been more prevalent as of late.  These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software.  Some of these programs may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products. 
 
Use Microsoft Windows Defender, Microsoft Security Essentials, the Microsoft Safety Scanner, or another up-to-date scanning and removal tool to detect and remove this threat and other unwanted software from your computer. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx.
Alert level: high
Updated on Apr 11, 2011
TrojanDropper:Win32/Preald.B is a trojan that installs additional malware onto an affected machine.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Branvine.A is a trojan that downloads and executes arbitrary files. In the wild it has been observed downloading and installing malware from several different families, including some associated with Rogue security software.
Alert level: severe
Updated on Apr 11, 2011
TrojanDropper:Win32/Preald.A is a trojan that installs additional malware onto an affected machine.
Alert level: severe
Updated on Apr 11, 2011
Java/Selace is a family of trojans that attempts to exploit a vulnerability in the Java Runtime Environment in order to run code of an attacker's choice. These trojans attempt to exploit the vulnerability described by CVE Reference: CVE-2008-5353 in order to run unauthorized code in a privileged context.
Alert level: severe
Updated on Apr 11, 2011
Java/Selace is a family of trojans that attempts to exploit a vulnerability in the Java Runtime Environment in order to run code of an attacker's choice. These trojans attempt to exploit the vulnerability described by CVE Reference: CVE-2008-5353 in order to run unauthorized code in a privileged context.
Alert level: severe
Updated on Apr 11, 2011
Java/Selace is a family of trojans that attempts to exploit a vulnerability in the Java Runtime Environment in order to run code of an attacker's choice. These trojans attempt to exploit the vulnerability described by CVE Reference: CVE-2008-5353 in order to run unauthorized code in a privileged context.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Bredolab is a detection for malware that connects to a remote server to download and execute other files.
Alert level: severe
Updated on Apr 11, 2011
TrojanDownloader:Win32/Unruy.C is a trojan that replaces certain executable files and downloads other malware such as Trojan:Win32/FakeSpypro.
Alert level: severe
Updated on Apr 11, 2011
Trojan:Win32/Tibs.IT is a generic detection for files used across multiple pieces of malware affiliated with the Tibs malware family. Win32/Tibs malware typically use a particular method of code obfuscation in an attempt to avoid detection. The malware that lies "underneath" may have virtually any purpose.
Alert level: severe