Security Master AV

Security Master AV is a new fake Antivirus. This rogue drops files on the system and detects them as infected to scare users; files are filled with junk data and do not represent a risk. It replaces My Security Engine, Security Guard, CleanUp Antivirus and Security Antivirus (family link)



Security Master AV comes from fake online scanners and porn sites

If your PC is infected with Security Master AV use MBAM to remove the infection.

Win Antispyware Center

Win Antispyware Center is a fake Antivirus. It displays fake alerts to scare users.



If your system is infected with Win Antispyware Center follow the BleepingComputer removal guide and use MBAM to remove the infection.

XJR Antivirus

XJR Antivirus is a fake Antivirus. It is a clone of AKM Antivirus 2010 Pro, Your PC Protector.



XJR Antivirus prevents legit softwares execution, displays fake alerts and blocks random Web pages:



If you need to clean your computer and XJR Antivirus is blocking legit cleaners execution, enter the following serial to register:
threedollarbillyall

If your PC is infected with XJR Antivirus use MBAM to remove the infection.

Live Security Suite

Live Security Suite is a fake security application. This fake antivirus displays messages to scare users. It replaces Live Entreprise Suite.



If your system is infected with Live Security Suite follow the BleepingComputer removal guide and use MBAM to remove the infection.

Fake Microsoft Security Essentials Antivirus

This (russian) rogue looks like Microsoft Security Essentials GUI. It detect a fake infection and ask for a SMS registration to clean the system.

Data Protection

Data Protection is a fake security application. This rogue prevents legit softwares execution, displays fake alerts and warning messages. Data Protection also detects non existent infections to scare users. It is from the CoreGuard family (Digital Protection, Your Protection, User Protection, Dr. Guard, Paladin Antivirus clone).



If your PC is infected with Data Protection use MBAM to remove the infection.

AKM Antivirus 2010 Pro

AKM Antivirus 2010 Pro is a fake Antivirus. This software prevents legit softwares execution and displays fake alerts. AKM Antivirus 2010 Pro is a clone of Your PC Protector.



If you need to clean your computer and AKM Antivirus 2010 Pro is blocking legit cleaners execution, enter the following serial to register: threedollarbillyall

If your PC is infected with AKM Antivirus 2010 Pro use MBAM to remove the infection.

A-Fast Antivirus

A-Fast Antivirus is a fake Antivirus. This rogue prevents legit softwares execution, displays fake alerts and warning messages. A-Fast Antivirus also detects non existent infections to scare users.



If you need to clean your computer and A-Fast Antivirus is blocking legit cleaners execution, enter one of those serials to register:

B0B302F772
C197C46C46
B20C1467B7
041E4B235A
25CCCC7329
9926220EED
A58EC19D33
C15F2FF276
F61E370D62
DDAD6A7A2C
9F8122FE00
3754DD9DA6
3DC52EA100
EE73BBFFA6
7E61C9C7DF
EE34D2E8A7
AA61971AA1
9D2510E3E8

If your PC is infected with A-Fast Antivirus use MBAM to remove the infection.

Thanks to Jaxryley

Defence Lab

Defence Lab (D.Lab) is a fake antivirus software. The fake scanner test the presence of a winload.dll file at different location:
%SYSTEM%\
%APPDATA%\Mozilla\Firefox\Profiles\Main\
%APPDATA%\Microsoft\SystemBackup\



if the file is present at any of these places (no matter if it is a 0ko file), the rogue displays a list of HardCoded fake infections:

WM/Trojan.Downloader.Get.5
AD/Porn.Adware.Gen
WM/Worm.Sun.E54
BHO/Dropper.Generic
TR/Trojan-Dropper.W32
TR/Trojan.Win32.Swisyn
BD/Malware.Assist
WM/BankTRJ.65
TR/Spyware.NTAP.Gen
BHO/Trojan-Banker.CI
TR/Trojan-Banker.Banbra.QOS

BOOTVID.DLL
pxcpyi64.exe
vrlogon.dll
iexpress.exe
mstime.dll
ieakeng.dll
wisptis.exe
hbaapi.dll
ws2_32.dll
TCPSVCS.EXE
ieui.dll
ntoskrnl.exe
kernel32.dll
user32.dll
userinit.exe
w95inf32.dll
explorer.exe



If your PC is infected with Defence Lab use MBAM to remove the infection.