Many of the FakeAlert infections you guys are posting about show two common file names - av.exe and ave.exe - and it's a common misconception that because two malware files have the same name that they are actually the same file. The bad guys unfortunately don't make it that simple. The code within these files is frequently changed to try and avoid detection. Remember that the authors of these programs are trying to make money by conning the user into buying their software so it's in their very interests to keep churning out new code in order to keep their potential revenue streams fresh.


If you happen to be attacked by a fake alert please read through the following blog post and the documents it references:


Fighting Fake Anti-Virus Infections


Sending in a sample of the file is always a good place to start too- and here's how.