Trojan:Win32/FakeScanti
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 14,271 |
| Threat Level: | 10 % (Normal) |
| Infected Computers: | 1,864 |
| First Seen: | December 1, 2009 |
| Last Seen: | July 5, 2023 |
| OS(es) Affected: | Windows |
FakeScanti is a generic term for a family of Trojans associated with a large number of rogue security applications. FakeScanti Trojans claim that the computer system is being scanned for viruses or malware threats. Then, Trojan:Win32/FakeScanti claims that the victim must purchase a specific security application to remove these threats. Of course, all of FakeScanti's claims are false; the computer is not infected with viruses and the security programs FakeScanti sells are fake. FakeScanti is an essential part of a well-known computer scam. Some fake security applications associated with FakeScanti include OpenCloud Antivirus, OpenCloud Security,Your PC Protector, Personal Shield Pro,Sysinternals Antivirus, and Milestone Antivirus. These fake security programs are known as rogue security programs. Programs such as these are designed to display fake security alerts and error messages in an attempt to convince a victim to purchase a useless computer security application. These fake security programs can be quite convincing, often using a design, logo and fonts that are identical to those used by legitimate products from Microsoft. ESG security researchers recommend the use of a reputable anti-malware application to remove these false security programs from your computer system.
Table of Contents
Symptoms of a FakeScanti Trojan Infection
There are several symptoms of FakeScanti Trojan infections. Usually, your computer system will have new files created in the System folder, such as desot.exe and svchasts.exe. A FakeScanti also makes harmful changes to the Windows Registry. The most obvious symptom of a FakeScanti Trojan infection is the presence of a variety of fake error messages and pop-up notifications from the task. Usually, a FakeScanti Trojan infection will also create an entry in your Windows Start Menu and a shortcut on your desktop for Trojan:Win32/FakeScanti's fake security application.
How the FakeScanti Attempts to Trick You into Buying It
The main tactic that the FakeScanti Trojan uses in order to trick you into buying FakeScanti, is running a fake scan of your computer system. Then, Trojan:Win32/FakeScanti displays a list of files that FakeScanti claims are severely infected with viruses or Trojans. If the victim clicks on the "clean infections" button, FakeScanti claims that a registration code for the fake security program must be purchased first. ESG security researchers recommend ignoring this recommendation. Rogue security programs associated with the FakeScanti have absolutely no way of detecting or removing infections from your computer system. This is a scam designed to prey on computer users inexperienced in computer security and safe Internet browsing.
Aliases
15 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| Panda | Generic Malware |
| AVG | FakeAlert.SF |
| Fortinet | W32/FakeAV.AXNT!tr |
| Ikarus | Trojan.Fakealert |
| Sunbelt | Trojan.Win32.Generic.pak!cobra |
| a-squared | Trojan.Fakealert!IK |
| Antiy-AVL | Trojan/Win32.FraudPack.gen |
| eTrust-Vet | Win32/SysinternalsAntivirus.D |
| McAfee-GW-Edition | Artemis!0E6D024A5238 |
| AntiVir | TR/FakeScanti.A.229 |
| Comodo | Heur.Suspicious |
| BitDefender | Gen:Variant.FakeAlert.12 |
| Kaspersky | Trojan.Win32.FraudPack.axnt |
| F-Prot | W32/Trojan2.MWJI |
| NOD32 | Win32/Adware.PCProtector.A |
SpyHunter Detects & Remove Trojan:Win32/FakeScanti
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | shk_v10.dll | 991802e7fca6cc47e264e06b59d2376c | 509 |
| 2. | shk_v10.dll | f2a24dc55e7baed021ca816ee0144a94 | 255 |
| 3. | adc_w32.dll | ba52ad9b31fe50e8a5cfb75362401402 | 124 |
| 4. | shk_v10.dll | 2f6ec61bbe1c3b0ba1d156bb832d2a9e | 65 |
| 5. | adc_w32.dll | 88e8aaa8026c16061e80090c30e03f88 | 47 |
| 6. | adc_w32.dll | 2aec96e36200b76914851d7a3ed78a19 | 32 |
| 7. | shk_v10.dll | 725338f6c2ca458d7ea6857b471e3bd0 | 29 |
| 8. | shk_v10.dll | 493dcaa062c18c5550c7d553e9301fbe | 12 |
| 9. | adc_w32.dll | 23bcde829d7c222cbfafefb6c3d9db21 | 10 |
| 10. | adc_w32.dll | 0b39db8f896b89884cdd4f25e4a753bc | 6 |
| 11. | adc_w32.dll | c27e6d61d93c9f1c14c41e8289106f22 | 3 |
| 12. | svchost.exe | 12fceb054d18c433152e12f760059573 | 2 |
| 13. | svchost.exe | 601512b966862d5f9cec1dde7f186676 | 1 |
| 14. | adc_w32.dll | a1a60f941f331dfc3df3607412238bc1 | 1 |
| 15. | adc_w32.dll | bd85650604d3ceb537fdc2924e551dd0 | 1 |
| 16. | plugie.dll | 17eabc7ea492a63dd6b4f7e6335d0b85 | 0 |
