TROJ_FAKEAV.HUU

TROJ_FAKEAV.HUU is a Winwebsec-derived rogue anti-malware program, and like other Winwebsec scamware, TROJ_FAKEAV.HUU uses fake security information to convince you to purchase its software (although even TROJ_FAKEAV.HUU's purchase form is fake). While TROJ_FAKEAV.HUU's family members have been found to be distributed in multiple ways, including via e-mail spam, SpywareRemove.com malware analysts have found at least sports copycat site that's distributing TROJ_FAKEAV.HUU along with several other PC threats. Accordingly, anti-malware scans after any exposure to fake sports sites should be a common-sense precaution, and until TROJ_FAKEAV.HUU is removed, it's especially recommended for you to ignore TROJ_FAKEAV.HUU's fraudulent system scans, pop-ups and other means of displaying fake security data.

TROJ_FAKEAV.HUU: the Fake Fan in Your Virtual Soccer Stadium

TROJ_FAKEAV.HUU's current distribution method, although hardly unique to TROJ_FAKEAV.HUU, is a fake sports site that imitates the format of the official UEFA (a promotional organization for the sport of soccer, or as Europe knows it, football) site. This malicious site, [censored]uro2012.com, has been confirmed to use advertisement trackers and phishing surveys, and may also utilize browser exploits to install TROJ_FAKEAV.HUU and similar PC threats automatically. TROJ_FAKEAV.HUU, itself, AKA Security Shield, is a member of WinWebSec, a classification of rogue anti-malware programs that also counts System Tool, Security Sphere 2012, Security Tool, Winweb Security, Smart Protection 2012 and Live Security Platinum amongst its members.

Symptoms that you should anticipate with any TROJ_FAKEAV.HUU infection include:

• Blocked applications, particularly web browsers like Firefox or Internet Explorer. TROJ_FAKEAV.HUU may also display a fake firewall pop-up (that claims that a Trojan has infected the program) while TROJ_FAKEAV.HUU blocks these applications. However, non-web browser programs are also vulnerable to being blocked by TROJ_FAKEAV.HUU.
• Fake system alerts and warning messages that appear at random, as well as when you try to launch a TROJ_FAKEAV.HUU-blocked application.
• Fake system scans by TROJ_FAKEAV.HUU, which launches automatically and refuses to be turned off.
• Phishing attacks that take the form of purchase requests for Security Shield. This form serves no purpose except to steal financial information and other types of confidential data, and SpywareRemove.com malware analysts especially discourage spending money on any member of Winwebsec, including TROJ_FAKEAV.HUU.

Getting Rid of an Imposter of PC Security with a Legitimate Alternative

If you've visited a site like the one described earlier in this article, or otherwise have any reason to suspect that your PC has been compromised by TROJ_FAKEAV.HUU, a hasty and thorough disinfection is crucial for your PC's safety. Once unblocked, any updated and competent anti-malware program should be able to identify and remove TROJ_FAKEAV.HUU, which may also be detected by the following aliases:

• Win32/Adware.SecurityTool
• SecurityShieldFraud
• Trojan.Win32.FakeAV.wly
• Rogue:Win32/Winwebsec
• FakeAlert-AVPSec.k
• TROJ_FAKEAV.BKC

Besides TROJ_FAKEAV.HUU, [censored]uro2012.com also distributes TROJ_DLOADR.BGV, a Trojan downloader that installs the spyware Trojan TSPY_ZBOT.JMO, which is capable of stealing highly-confidential information from your PC.

Technical Details