Trojan:Win32/FakeScanti
Posted: August 4, 2009
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Ranking: | 14,578 |
---|---|
Threat Level: | 1/10 |
Infected PCs: | 4,370 |
First Seen: | December 1, 2009 |
---|---|
Last Seen: | October 10, 2023 |
OS(es) Affected: | Windows |
Trojan:Win32/FakeScanti is a subcategory of rogue anti-virus programs that display similar types of fake warning messages in an attempt to make you spend money on a nonexistent virus-removal feature. Although scamware programs in the Trojan:Win32/FakeScanti group will attempt to appear realistic and believable, Trojan:Win32/FakeScanti applications have no ability to find or delete viruses (or, for that matter, any other type of PC threat). SpywareRemove.com malware researchers recommend that you expel any Trojan:Win32/FakeScanti infection with a real anti-malware application, since Trojan:Win32/FakeScanti infections may also be responsible for severe security issues (such as browser hijacks and blocked security programs), in addition to the many types of fake information that they present.
Trojan:Win32/FakeScanti Scanners: All of the Pizazz and None of the Features
Trojan:Win32/FakeScanti infections look just like normal anti-virus scanners on the outside, but their internal structure is built to create fake alerts and warnings without detecting genuine threats to your PC. The sheer amount of fake warnings, pop-ups and inaccurate messages that Trojan:Win32/FakeScanti can deliver is staggering, and include errors like the ones shown here:
Warning: Spyware Detected
Windows has found spy programs running on your computer!
Click here to update your Windows antivirus software
Security Warning
Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection.
Security Warning
There are critical system files on your computer that were modified by malicious software.
It may cause permanent data loss.
Click here to remove malicious software.
Windows Security Center
Serious security vulnerabilities were detected on this computer. Your privacy and personal data may be unsafe. Do you want to protect your PC?
Warning! Infection found
Unauthorized sending E-MAIL with subject "RE:" to [FAKE EMAIL HERE] was CANCELLED.
Trojan:Win32/FakeScanti may also support its fake warnings by changing your Desktop background or by pretending to scan your PC. The name of the program that Trojan:Win32/FakeScanti displays while Trojan:Win32/FakeScanti provides this fake information can also vary; major branches of Trojan:Win32/FakeScanti scamware programs include names as varied as Your PC Protector, OpenCloud AV, Security Guard 2012, Milestone Antivirus, WireShark Antivirus, Wolfram Antivirus and AV Guard Online. SpywareRemove.com malware experts recommend that you disregard the name that a Trojan:Win32/FakeScanti presents you with, since it, like Trojan:Win32/FakeScanti fake alerts, has no point beyond tricking you into thinking that Trojan:Win32/FakeScanti is a real anti-virus product.
Ousting Trojan:Win32/FakeScanti with Legitimate Anti-Malware Protection for Your PC
Even though Trojan:Win32/FakeScanti's fake alerts are almost without end, you may also be attacked by additional functions of a Trojan:Win32/FakeScanti infection that will continue to try to persuade you to give money up to Trojan:Win32/FakeScanti's criminal masterminds. Other symptoms that may make removing Trojan:Win32/FakeScanti particularly-difficult can include:
- The automatic startup of a Trojan:Win32/FakeScanti program that starts a fake system scan whenever Windows loads.
- A fake Windows Security Center pop-up that only serves in the form of a secondary launcher for Trojan:Win32/FakeScanti programs.
- Disabled programs that refuse to launch with unusual warnings. Trojan:Win32/FakeScanti may attempt to deny you access to anti-malware and system maintenance programs, or to all other programs in general.
- Random system restarts (AKA reboots).
- Web browser hijacks that block your ability to visit PC security websites.
Variants of PC threats within the Trojan:Win32/FakeScanti family can display varying characteristics and may include extra functions that aren't present in other Trojan:Win32/FakeScanti programs. However, all Trojan:Win32/FakeScanti variants use advanced methods to infect baseline Windows files; due to this, SpywareRemove.com malware analysts recommend that you delete Trojan:Win32/FakeScanti with the best anti-malware program that's available. If Trojan:Win32/FakeScanti attempts to block your anti-malware application, using Safe Mode or another method to disable Trojan:Win32/FakeScanti from starting in the first place may be mandatory to insure efficient deletion.
The activation code 'DB038748-B4659586-4A1071AF-32E768CD-36005B1B-F4520642-3000BF2A-04FC910B' has also been noted to disable some members of the Trojan:Win32/FakeScanti family.
Trojan:Win32/FakeScanti
Aliases
More aliases (91)
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%PROGRAMFILES%\shk_v10.dll
File name: shk_v10.dllSize: 372.22 KB (372224 bytes)
MD5: f2a24dc55e7baed021ca816ee0144a94
Detection count: 597
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%
Group: Malware file
Last Updated: October 8, 2010
%PROGRAMFILES%\adc_w32.dll
File name: adc_w32.dllSize: 372.22 KB (372224 bytes)
MD5: ba52ad9b31fe50e8a5cfb75362401402
Detection count: 290
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%
Group: Malware file
Last Updated: December 9, 2010
%PROGRAMFILES%\shk_v10.dll
File name: shk_v10.dllSize: 372.22 KB (372224 bytes)
MD5: 2f6ec61bbe1c3b0ba1d156bb832d2a9e
Detection count: 152
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%
Group: Malware file
Last Updated: October 8, 2010
%PROGRAMFILES%\adc_w32.dll
File name: adc_w32.dllSize: 227.32 KB (227328 bytes)
MD5: 88e8aaa8026c16061e80090c30e03f88
Detection count: 110
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%
Group: Malware file
Last Updated: December 8, 2010
%PROGRAMFILES%\adc_w32.dll
File name: adc_w32.dllSize: 223.23 KB (223232 bytes)
MD5: 2aec96e36200b76914851d7a3ed78a19
Detection count: 75
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%
Group: Malware file
Last Updated: December 8, 2010
%PROGRAMFILES%\shk_v10.dll
File name: shk_v10.dllSize: 372.22 KB (372224 bytes)
MD5: 725338f6c2ca458d7ea6857b471e3bd0
Detection count: 68
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%
Group: Malware file
Last Updated: October 8, 2010
%PROGRAMFILES%\shk_v10.dll
File name: shk_v10.dllSize: 373.24 KB (373248 bytes)
MD5: 493dcaa062c18c5550c7d553e9301fbe
Detection count: 28
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%
Group: Malware file
Last Updated: October 8, 2010
%PROGRAMFILES%\adc_w32.dll
File name: adc_w32.dllSize: 360.96 KB (360960 bytes)
MD5: 23bcde829d7c222cbfafefb6c3d9db21
Detection count: 23
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%
Group: Malware file
Last Updated: December 7, 2010
%PROGRAMFILES%\adc_w32.dll
File name: adc_w32.dllSize: 222.2 KB (222208 bytes)
MD5: a1a60f941f331dfc3df3607412238bc1
Detection count: 0
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%
Group: Malware file
Last Updated: December 8, 2010
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.