Microsoft Security Intelligence
500 entries found. Displaying page 1 of 25.
Updated on Nov 19, 2014

Windows Defender Antivirus detects and removes this threat. See the Win32/FakeRean description for more information.

Find out ways that malware can get on your PC.  

Alert level: severe
Updated on Sep 06, 2011
Rogue:Win32/FakeYak is a family of fake antivirus products, using names such as Zentom System Guard or Antimalware Doctor, that claim to scan for malware and display fake warnings of malicious files. They then inform the user that they need to pay money to register the software in order to remove these non-existent threats.
Alert level: severe
Updated on Apr 11, 2011
Rogue:Win32/Cedel is a rogue antivirus program that imitates the Microsoft Malicious Software Removal Tool (MSRT). It displays fake alerts that the computer is infected and then redirects the user to a website to purchase the fake program.
 
Special Note:
Reports of Rogue Antivirus programs have been more prevalent as of late.  These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software.  Some of these programs may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products. 
 
To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:
 
 
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
Alert level: severe
Updated on Nov 16, 2014

Windows Defender detects and removes this threat.

The threat is a rogue, which means it pretends to be security software. It looks and acts like Windows Defender, but is completely fake.

It uses names such as "Spyware Defender" or "System Defender".

It says it finds malware, viruses, and threats on your PC, and that you need to pay money to fully remove them. The threats do not exist - the rogue is just trying to scare you into paying money for a piece of software that does not work. 

The threat might also block access to some websites, change your PC's security settings, and open Internet Explorer windows that load adult content.

It might have been downloaded onto your PC by other malware, or you might have been tricked into downloading it, thinking it was legitimate.

Find out ways that malware can get on your PC.  

Alert level: severe
Updated on Dec 08, 2014

Windows Defender Antivirus detects and removes this threat. See the Win32/FakePAV description for more information.

Alert level: severe
Updated on Apr 11, 2011
Win32/FakeRemoc is a family of trojans that claim to scan for malware and display fake warnings of “malicious programs and viruses”. They inform the user that they need to pay money to register the software in order to remove these non-existent threats. These trojans may subvert an affected user's web activity, or attempt to download other malware, such as Trojan:Win32/Hiloti. They may also display dialogs that mimic the Windows Security Center.
 
Special Note:
Reports of Rogue Antivirus programs have been more prevalent as of late.  These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software.  Some of these programs may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products. 
 
To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:
 
 
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
Alert level: severe
Updated on Aug 20, 2013

SpySheriff may be installed without user consent, and may then display a dialog box suggesting malware has been found, and prompting the user to buy software to remove the malware that doesn't exist. SpySheriff may download and install program updates without notifying the user.

Alert level: severe
Updated on Aug 20, 2013
Rogue:Win32/SpyAxe is a program that displays misleading warning messages to convince users to purchase a product that removes spyware. It might have a desktop icon that looks like the following:

Alert level: severe
Updated on Oct 07, 2013

Rogue:MacOS_X/FakeMacdef is a family of rogue programs that affect Mac OS X. They claim to scan for malware and display fake warning messages regarding “malicious programs and viruses”. They attempt to scare you into paying for the fake product by displaying fake scan results, infection messages and warnings.

You can read more on our rogue page.

Alert level: severe
Updated on Oct 27, 2015

Windows Defender Antivirus detects and removes this threat. 

This threat claims to scan your PC for malware and then shows you fake warnings. It tries to convince you to pay to register the software to remove the non-existent threats.

See the Win32/FakeCog description for more information.

Find out ways that malware can get on your PC.

Alert level: severe
Updated on Apr 11, 2011
Rogue:MSIL/Zeven is a family of programs that claims to scan for malware and displays fake warnings of "malicious programs and viruses". They then inform the user that they need to pay money to register the software in order to remove these non-existent threats. MSIL/Zeven also has the ability to mimic browser pages that indicate a particular website is blocked; the fake warning pages offer a "solution" for download; the "solution" is actually a copy of Rogue:MSIL/Zeven.
Alert level: severe
Updated on Sep 05, 2014

Windows Defender detects and removes this threat.

This rogue security program falsely claims that your PC is infected with malware. It then encourages you to pay for a product to remove the "threats" from your PC.

See the Win32/FakeSpypro family description for more information.

Alert level: severe
Updated on Apr 11, 2011
Win32/FakeFast is a family of programs that claims to scan for malware and displays fake warnings of "malicious programs and viruses". They then inform the user that they need to pay money in order to remove these non-existent threats.
Alert level: severe
Updated on Jan 28, 2014

Windows Defender detects and removes this threat.

This threat tries to download rogue security software onto your PC, including Win32/FakeRean.

It runs when you visit a malicious web page and move your mouse cursor over certain graphics or images.

Alert level: severe
Updated on Apr 11, 2011
Win32/FakeSmoke is a family of trojans consisting of a fake Security Center interface and a fake antivirus program. The fake Security Center interface displays fake security notifications in the system and is designed to look identical to the legitimate Windows Security Center. It prompts the user to register the fake antivirus program.
 
The fake antivirus program may be known by several names, including WinBlueSoft and WiniBlueSoft. This program pretends to scan for malware infections and then displays a fake notification that malware has been detected in the system. It then prompts the user to enter a registration code, which is available only if the user purchases the fake product.
 
Special Note:
Reports of Rogue Antivirus programs have been more prevalent as of late.  These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software.  Some of these programs, such as Win32/Antivirusxp and Win32/FakeRednefed may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products.  These products may represent themselves as “Antivirus XP”, “AntivirusXP 2008”, “WinDefender 2008”, “XP Antivirus”, or similar.
 
To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:
 
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
Alert level: severe
Updated on Mar 25, 2015

Windows Defender detects and removes this threat.

This threat is a webpage that claims your PC is infected with malware. It asks you to phone a number to receive technical support to help remove the malware.

The website is a hoax and cannot find malware on your PC.

You can read more about this type of threat on our rogue security software page.

Find out ways that malware can get on your PC.

Alert level: severe
Updated on Apr 17, 2014

Windows Defender Antivirus detects and removes this threat. See the Win32/InternetAntivirus description for more information.

Alert level: severe
Updated on Aug 17, 2014

Windows Defender detects and removes this threat.

This rogue security website pretends to scan your PC for malware, and often reports lots of infections. It will say you have to pay for it before it can fully clean your PC.

However, it hasn't really detected any malware at all and isn't really an antivirus or antimalware scanner. It just looks like one so you'll send money to the people who made the rogue. The websites use product names or logos that unlawfully impersonate Microsoft products.

Even if you do pay, it won't do anything because your PC isn't actually infected with all that malware it "found".

Find out ways that malware can get on your PC.

Alert level: severe
Updated on Aug 24, 2014

Windows Defender Antivirus detects and removes this threat. See the Win32/Winwebsec description for more information.

Find out ways that malware can get on your PC.  

Alert level: severe
Updated on Oct 27, 2015

Windows Defender Antivirus detects and removes this threat. See the Win32/FakePAV description for more information.

Alert level: severe