FakeAv Antivirus XP 2010

Same as we posted last week, Trojan.FakeAv continues to be one of the highest hitting families of malware prevented in the ThreatFire community again this week. And, because so many users continue using Windows XP, it is this variant of the family that continues to pop up the most. Frequently, the malware resides simply as “av.exe” on users’ systems:


The bogus software follows the trends that we presented at Virus Bulletin 2008 two years ago, where we noted the rising FakeAv families and technical details of “Recent Rogueware”, similarities with previous other malware families, and their delivery.


This entry was posted in Malware Alerts and tagged . Bookmark the permalink.

2 Responses to FakeAv Antivirus XP 2010

  1. I had gotten the xp virus form an email that I responded through a family member and when I scaned the attachment it came up clean so i opened it and it was some pictures that i had asked for. Then in a matter of seconds this xp antivirus installed itself on my computer. I had to format the whole thing. this thing sucks if you catch it.

  2. Rick Adams says:

    A friend call me complaining that they could not get their computer to “run properly”, ie. they had a pop up that stated that they had viruses and trojans and to “clic here” to clean their computer, unknowingly they cliced on the entry. by the time they had called me the malacious software had shut down their ability to run any of the anti-virus software, or anyprogram that would aid in removing this threat, they had AVG 8.5 and Spyware Doctor installed on their computer, definations for the AVG was out of date, and the Spyware Doctor updates itself, regardless this threat stopped every attempt to remove it and ultimatly I ended up doing a complete formatte of thier system to remove this threat.
    It would seem to be some type of AV/ Antivirus rougue software.
    It was explained to me by the owner of the computer, that their son had been playing games on some site when the rougue software got somehow installed. They were running XP Home on this computer.
    The owner had their own XP disk, that I re-installed, updated from the Microsoft.com site and installed AVG 9.0, Spyware Doctor, Spybot Search and Destroy. I explained to them that they should look into getting a firwall, and as well should install “Threatfire”, even if it was the free edition, to aid in helping to prevent this from happening again, however the owner declined my offer and said they would monitor the childs activity more closely. I expect them to be calling in the next month to have me once again recover or reformatte their system once again, hopfully they take my advice and will install appropriate software to protect their system in the future.

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>