Aliases: Security Essentials Ultimate Pack (other) Trojan.FakeAlert.AUW (BitDefender) Win32/FakeAV.ABR (CA) Fraudtool.XPAntivirus.BCVY (VirusBuster) Adware/AntivirusXPPro (Panda) AntiVirus2008 (Symantec) Advanced Virus Remover (other) Win32/AdvancedVirusRemover.G (CA) Internet Security 2010 (other) FakeAlert-KS.a (McAfee) W32/FakeAlert.BRQF (Norman) Trojan.Fakealert.12876 (Dr.Web) Win32/TrojanDownloader.FakeAlert.AED (ESET) Trojan-Downloader.Win32.Fakeinit (Ikarus) FakeAlert!eh (McAfee) Mal/FakeAV-BW (Sophos) Trojan.FakeAV!gen18 (Symantec) TROJ_FAKEAL.SMDP (Trend Micro) Security Essentials 2010 (other) Antivirus XP Pro (other) Security Essentials 2011 (other) Antivirus Antisyware 2011 (other)
Windows Defender detects and removes this threat.
A trojan within this family consists of a downloader component and a fake scanner component. The downloader stops certain processes, lowers security settings, changes the desktop background, and tries to download other malware like Trojan:Win32/Alureon.CT. It also blocks access to webpages from certain domains.
The following free Microsoft software detects and removes this threat:
- Microsoft Security Essentials or, for Windows 8, Windows Defender
- Microsoft Safety Scanner
- Microsoft Windows Malicious Software Removal Tool
Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC.
You can also visit the Microsoft virus and malware community for more help.
Additional remediation instructions for this threat
This threat might make lasting changes to your PC's settings that won't be restored when it's cleaned. The following steps can help change these settings back to what you want:
- Reset Internet Explorer settings
- Change security and privacy settings for Internet Explorer
- Enable Internet Explorer filters:
- Enable Task Manager:
- For other support and help related articles, go to:
- Microsoft Security TechNet Center