Dr. Guard

Dr. Guard is a fake security application. This rogue prevents legit softwares execution, displays fake alerts and warning messages. Dr. Guard also detects non existent infections to scare users. It is from the CoreGuard family (Paladin Antivirus copycat).

The rogue contain Malwarebytes MBAM database, but Dr. Guard is unable to work with it as the engine is not optimized to use the stolen data.



If your PC is infected with Dr. Guard use MBAM to remove the infection or follow Bleeping Computer's removal guide.

Thanks to Malekal Morte.

Antimalware Doctor

Antimalware Doctoris a rogue anti-spyware application. This program acts like a legitimate security program, but it displays fake alerts and warning messages to scare users. Pushing them to buy a license.



If your computer is infected with Antimalware Doctor use MBAM to remove the infection or follow Bleeping Computer's removal guide.

To help removal, you can register the rogue with the following serial: MTk4-NzE1-NTYx-NTUw

PC Defender

PC Defender is a new fake Antivirus. This program displays fake alerts and warning messages. PC Defender detects non existent infections to scare users pushing them to buy a license.



If your computer is infected with PC Defender use MBAM to remove the infection or follow Bleeping Computer's removal guide.

Virus Protector

Virus Protector is a fake Antivirus. This rogue detects non existent infections to scare users, displaying numerous warning messages to register for cleaning.

Virus Protector belongs to the Winisoft family, a long series of rogue clones.



If your computer is infected with Virus Protector use MBAM to remove the infection or follow Bleeping Computer's removal guide.

General Antivirus

General Antivirus is a fake Antivirus. This program detects non existent infections to scare users.



If your PC is infected with General Antivirus use MBAM to remove the infection.

Personal Anti Malware

Personal Anti Malware is a new fake security software. It is a Clone of Antivirus'09 (lots of reference to this rogue have been found in the code).

Personal Anti Malware is detecting legit files as infected to scare users, displaying numerous alert messages.



The registered version of the rogue has a different GUI:





tomorrownews.org (217.23.9.203)
avscaner.com (95.154.194.13)
getsupportcenter.com (62.212.91.45)
avprotectioncenter.com (62.212.91.45)

If your PC is infected with Personal Anti Malware, use MBAM to remove the infection.

Registry Cleaners

Looking at the Registry Cleaners ads, they all want to Boost / Improve Speed / Speed Up the computer / Increasing Performance of the system / Removing BSOD / Fix Errors, crashes, and freezes / (...) by cleaning the registry.

Registry Cleaners are useless. On a brand new Windows installation, all these cleaners will detect +100 errors to solve (From Empty keys to File Association errors ... ).

CyberDefender Registry Cleaner


PC Doc Pro


Error Fix


RegTool


Reg Fix


ErrorEasy


Of course, buying a license is necessary to "fix" these so called errors. These optimization tools will never Boosts Windows speeds up to 800% :

System Mechanics Boosts Windows speeds up to 800%


In February Microsoft Malware Protection Center reported RegCure from Paretologic (a MS Certified Partner) as Program:Win32/RegCure.

Program:Win32/RegCure is a program that is promoted as a system optimization tool. This program may display deceptive or fraudulent claims about files, registry entries and/or other items on the system.

Avoid these fraudulent tools.

Security essentials 2010

Security essentials 2010 is a fake security software (rogue). It replaces Internet Security 2010 and Advanced Virus Remover.



Security essentials 2010 displays a lot of warning messages, change the desktop background, detects fake infections and blocks softwares execution. It comes from fake online scanners, malicious porn sites, fake cracks and exploits.

If your PC is infected with Security essentials 2010, use MBAM to remove the infection.

My Security Wall

My Security Wall is a new rogue (fake Antivirus). This software drops non PE files on the system and detects them as infected.



My Security Wall comes from fake online scanners.

If your PC is infected with My Security Wall use MBAM to remove the infection.

Thanks to Miekiemoes

Security Antivirus

Security Antivirus is a new rogue (fake Antivirus). This software drops non PE files on the system and detects them as infected.



Security Antivirus comes from fake online scanners, which are javascript/HTML animations.

If your PC is infected with Security Antivirus use MBAM to remove the infection.

Antivirus

Antivirus is a fake security software. This rogue display fake alerts and detects inexistent infected files.



Antivirus comes from fake online scanners, which are javascript/HTML animations.

Licensing the software, the rogue is proposing an update and display a progress bar. But there is no network activity.



If your PC is infected with Antivirus use MBAM to remove the infection.

Advanced Defender

Advanced Defender is a fake security application. It drops files in the system (non PE files) and detects them as fake infections to scare users. It also prevent legit softwares execution, displaying an alert/infected message.



If your PC is infected with Advanced Defender use MBAM to remove the infection.

SecurePcAv

SecurePcAv (Secure PC AV) is a fake security software (rogue) from the Winisoft family (SafePcAv, GuardWWW, MyPcSecure, PcSecureNet, PcsSecure, APcSafe, APcSecure, DefendAPc, SysDefenders, InSysSecure, SysProtector, APcDefender, PcsProtector, GreatDefender, APCprotect, ProtectPcs, SysDefence, TheDefend, GuardPcs, IGuardPc, SiteAdware, AntiTroy, AntiKeep, AntiAdd, RESpyWare, REAnti, KeepCop, SiteVillain, LinkSafeness, SecureKeeper, AntiAID, System Warrior, System Veteran, System Fighter, Block Protector, Block Keeper, Block Scanner, Block Watcher, SoftBarrier, Shield Safeness, Soft Stronghold, Soft Veteran, SoftCop, Soft Soldier, Trust Fighter, Trust Soldier, Safe Fighter, Trust Cop, Secure Warrior, Secure Fighter, Secure Veteran, Security Soldier, Security Fighter, Save Armor, Save Defender, Trust Warrior, Soft Safeness, Safety Keeper, Save Keeper, Quick Heal Cleaner, System Cop, Block Defense, Save Defense, Trust Ninja, Save Soldier, Save Keep, Winishield, Wini Fighter, WiniBlueSoft)



SecurePcAv comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.

If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.

Paladin Antivirus

Paladin Antivirus is a fake security application (rogue) from the CoreGuard family.

Paladin Antivirus detects fake infections on a clean system to scare users. It also prevent legit softwares execution, displaying an alert/infected message.
The rogue contain Malwarebytes MBAM database, but Paladin Antivirus is unable to work with it as the engine is not optimized to use the best of the stolen data.

Licensing the software and clicking [Check for Updates] button launch an animation but there is no network activity.



If your PC is infected with Paladin Antivirus use MBAM to remove the infection.

Your PC Protector

Your PC Protector is a fake security application (rogue).

Your PC Protector detects fake infections on a clean system to scare users. It also prevent legit softwares execution, displaying an alert/infected message.



If your PC is infected with Your PC Protector use MBAM to remove the infection.

SafePcAv

SafePcAv is a fake security software (rogue) from the Winisoft family (GuardWWW, MyPcSecure, PcSecureNet, PcsSecure, APcSafe, APcSecure, DefendAPc, SysDefenders, InSysSecure, SysProtector, APcDefender, PcsProtector, GreatDefender, APCprotect, ProtectPcs, SysDefence, TheDefend, GuardPcs, IGuardPc, SiteAdware, AntiTroy, AntiKeep, AntiAdd, RESpyWare, REAnti, KeepCop, SiteVillain, LinkSafeness, SecureKeeper, AntiAID, System Warrior, System Veteran, System Fighter, Block Protector, Block Keeper, Block Scanner, Block Watcher, SoftBarrier, Shield Safeness, Soft Stronghold, Soft Veteran, SoftCop, Soft Soldier, Trust Fighter, Trust Soldier, Safe Fighter, Trust Cop, Secure Warrior, Secure Fighter, Secure Veteran, Security Soldier, Security Fighter, Save Armor, Save Defender, Trust Warrior, Soft Safeness, Safety Keeper, Save Keeper, Quick Heal Cleaner, System Cop, Block Defense, Save Defense, Trust Ninja, Save Soldier, Save Keep, Winishield, Wini Fighter, WiniBlueSoft)



SafePcAv comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.

If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.

GuardWWW

GuardWWW is a fake security software (rogue) from the Winisoft family (MyPcSecure, PcSecureNet, PcsSecure, APcSafe, APcSecure, DefendAPc, SysDefenders, InSysSecure, SysProtector, APcDefender, PcsProtector, GreatDefender, APCprotect, ProtectPcs, SysDefence, TheDefend, GuardPcs, IGuardPc, SiteAdware, AntiTroy, AntiKeep, AntiAdd, RESpyWare, REAnti, KeepCop, SiteVillain, LinkSafeness, SecureKeeper, AntiAID, System Warrior, System Veteran, System Fighter, Block Protector, Block Keeper, Block Scanner, Block Watcher, SoftBarrier, Shield Safeness, Soft Stronghold, Soft Veteran, SoftCop, Soft Soldier, Trust Fighter, Trust Soldier, Safe Fighter, Trust Cop, Secure Warrior, Secure Fighter, Secure Veteran, Security Soldier, Security Fighter, Save Armor, Save Defender, Trust Warrior, Soft Safeness, Safety Keeper, Save Keeper, Quick Heal Cleaner, System Cop, Block Defense, Save Defense, Trust Ninja, Save Soldier, Save Keep, Winishield, Wini Fighter, WiniBlueSoft)



GuardWWW comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.

If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.

Antivirus Soft

Antivirus Soft is a new fake security application (rogue)

The rogue detects fake infections on a clean system to scare users. It also prevent legit softwares execution, displaying an alert/infected message.



If your PC is infected with Antivirus Soft use MBAM to remove the infection.

Antimalware Defender

Antimalware Defender is a new fake security application.

The rogue detects fake infections on a clean system to scare users.



To register (and help removal), enter this serial code: D13F-3B7D-B3C5-BD84

If your PC is infected with Antimalware Defender use MBAM to remove the infection. (BleepingComputer removal guide)

Thanks to Remixed.

Spycheck

Spycheck Anti-Spyware 2010 is a fake security application from Hydra Networks. It is from the same family as Fast Antispyware



If your PC is infected with Spycheck use MBAM to remove the infection.