TrojanDownloader:Win32/Chepvil.I
TrojanDownloader:Win32/Chepvil.J
Spammer:Win32/Fifesock.C
Spammer:Win32/Fifesock.C is a component of Win32/Fifesock - a multiple component trojan family that injects code into Internet Explorer and Firefox in order to steal the user’s social networking credentials for sites such as Facebook, and then uses these credentials to send spam to their contacts. It may also download and execute arbitrary files. Some variants have also been observed to install rogue security software such as Rogue:Win32/Winwebsec.
Rogue:Win32/Defmid
Windows Defender Antivirus detects and removes this threat. See the Win32/Defmid description for more information.
Rogue:Win32/Fakeinit
Windows Defender Antivirus detects and removes this threat. See the Win32/Fakeinit description for more information.
Rogue:Win32/SpySheriff
SpySheriff may be installed without user consent, and may then display a dialog box suggesting malware has been found, and prompting the user to buy software to remove the malware that doesn't exist. SpySheriff may download and install program updates without notifying the user.
Rogue:Win32/SpyAxe
Rogue:VBS/FakePAV
Windows Defender detects and removes this threat.
This threat is a file that is used to download rogue security software programs that we detect as Win32/FakePav.
See the Win32/FakePAV description for more information.
Rogue:JS/FakeCall.D
Windows Defender detects and removes this threat.
This threat is a webpage that claims that your PC is infected with malware. It asks you to call a technical support number to help remove the malware.
The website is a hoax and cannot find malware on your PC.
You can read more about this type of threat on our rogue security software page.
Rogue:Win32/FakeRemoc
Rogue:JS/FakeXPA
Windows Defender Antivirus detects and removes this threat. See the Win32/FakeXPA description for more information.
Rogue:Win32/FakeXPA
Windows Defender Antivirus detects and removes this threat. See the Win32/FakeXPA description for more information.
Rogue:Win32/FakeSpypro
Windows Defender detects and removes this threat.
This rogue security program falsely claims that your PC is infected with malware. It then encourages you to pay for a product to remove the "threats" from your PC.
See the Win32/FakeSpypro family description for more information.
Rogue:JS/FakeAV
Windows Defender detects and removes this threat.
This threat tries to download rogue security software onto your PC, including Win32/FakeRean.
It runs when you visit a malicious web page and move your mouse cursor over certain graphics or images.
Rogue:Win32/FakeFast
Rogue:MacOS_X/FakeMacdef
Rogue:MacOS_X/FakeMacdef is a family of rogue programs that affect Mac OSX. They claim to scan for malware and display fake warning messages regarding “malicious programs and viruses”. They attempt to scare you into paying for the fake product by displaying fake scan results, infection messages and warnings.
You can read more on our rogue page.
Rogue:MSIL/Rustliver
Windows Defender Antivirus detects and removes this threat.
This threat claims to scan for malware and then shows you fake warnings about “malicious programs and viruses”. It then asks you to pay money to remove the fake threats.
Our rogue security software page has more information about this type of threat.
Rogue:Win32/InternetAntivirus
Windows Defender Antivirus detects and removes this threat. See the Win32/InternetAntivirus description for more information.
Rogue:Win32/Defru
Windows Defender detects and removes this threat.
This rogue security website pretends to scan your PC for malware, and often report lots of infections. It will say you have to pay for it before it can fully clean your PC.
However, it hasn't really detected any malware at all and isn't really an antivirus or antimalware scanner. It just looks like one so you'll send money to the people who made the rogue. The websites use product names or logos that unlawfully impersonate Microsoft products.
Even if you do pay, it won't do anything because your PC isn't actually infected with all that malware it "found".
Rogue:Win32/Winwebsec
Windows Defender Antivirus detects and removes this threat. See the Win32/Winwebsec description for more information.