Rogue:Win32/FakePAV DescriptionWin32/FakePAV is a Trojan that has been associated with a very large family of rogue security programs. Some of the dozens of fake security applications associated with Win32/FakePAV include Windows Secure Surfer, Windows Attention Utility, Clean This, Peak Protection 2010 and ThinkPoint. Since Win32/FakePAV poses a severe threat to any PC, Win32/FakePAV shouldn't be allowed to stay in the infected machine, and it is best to remove it right away with a dependable anti-malware application. Most of the time, other components will be involved in a Win32/FakePAV-related infection. This makes manual removal impractical and automated removal with a reliable anti-malware program the preferred course of action. It is also important to note that other malware, such as a rootkit component may also be present on the victim's computer.
Malware associated with the Win32/FakePAV Trojan scams its victims by displaying a large number of misleading error messages. These are designed to mimic those displayed by Microsoft Security Essentials in order to convince the victim to download and pay for a bogus security program. Win32/FakePAV has the ability to terminate various file processes repeatedly, including Windows Registry Editor, Windows Restore, Internet Explorer and a number of known anti-virus programs in order to protect itself from removal and detection. Since Win32/FakePAV makes changes to the Windows Registry that allow Win32/FakePAV to start up automatically when the victim logs into Windows, it is advised to start up the infected computer in Safe Mode in order to prevent Win32/FakePAV from blocking access to your anti-malware software.
Understanding the Win32/FakePAV Scam
Rogue security programs in the Win32/FakePAV family, such as ThinkPoint and Palladium Pro, harass computer users with alarming error messages. They also cause browser redirects and cause the infected computer to behave erratically and to perform poorly. Inexperienced computer users may believe Win32/FakePAV's claims, paying for an expensive upgrade for a fake anti-virus application. One of the most dangerous aspects of a Win32/FakePAV infection is that these fake security programs will seldom attack alone. A Win32/FakePAV infection will often be accompanied by a Trojan dropper infection and will often occur in the presence of a dangerous rootkit component. Because of this, a Win32/FakePAV infection will usually mean that the victim's computer is exposed to other malware threats, placing the victim's sensitive data at risk.
Aliases: TROJ_GEN.RC1H1GV [TrendMicro-HouseCall], Backdoor/PcClient.qwi [Jiangmin], a variant of Win32/Kryptik.AJDN [ESET-NOD32], Rogue.FakeAV [Malwarebytes], Trojan.Win32.Jorik.vquqj [NANO-Antivirus], TROJ_FAKEAV.MZB [TrendMicro-HouseCall], Win32:FakeAV-DQY [Trj] [Avast], Trojan.Win32.Jorik.Fraud.qsl [Kaspersky], Adware.WintionalityCheck!1/PhMrMoXzY [Agnitum], Trojan.Siggen4.11689 [DrWeb], Gen:Heur.Zilix.35 (B) [Emsisoft], Trojan.Win32.FakeAV.1918976 [ViRobot], W32/Troj_Generic.CLVKT [Norman], Win32:FakeAlert-CSE [Trj] [Avast] and Gen:Variant.Kazy.77998 [BitDefender].
Infected with Rogue:Win32/FakePAV? Scan Your PC for FreeDownload SpyHunter’s Spyware Scanner
to Detect Rogue:Win32/FakePAV
Security Doesn't Let You Download SpyHunter or Access the Internet?
Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in 'Safe Mode with Networking' and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
If you still can't install SpyHunter? View other possible causes of installation issues.
Our MalwareTracker shows malware activity across the world. Explore real-time data of Rogue:Win32/FakePAV outbreaks and other threats from global to local level.
File System Details
Rogue:Win32/FakePAV creates the following file(s):
|#||File Name||Size||MD5||Detection Count|