'AVG Antivirus 2011' is a variant of Win32/FakeXPA - a family of programs that claims to scan for malware and displays fake warnings of malicious programs and viruses. They then inform the user that they need to pay money to register the software to remove these non-existent threats. Some members of the Win32/FakeXPA family might also download additional malware and have been observed in the wild downloading variants of Win32/Alureon.

 

Special Note:
Reports of Rogue Antivirus programs have been more prevalent as of late. These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs, such as Trojan:Win32/Antivirusxp and Program:Win32/FakeRednefed may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products. These products may represent themselves as "Antivirus XP", "AntivirusXP 2008", "WinDefender 2008", "XP Antivirus", or similar.

 

Use Microsoft Windows Defender, Microsoft Security Essentials, the Microsoft Safety Scanner, or another up-to-date scanning and removal tool to detect and remove this threat and other unwanted software from your computer. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx.

System Security is a variant of Win32/Winwebsec - a family of programs that claims to scan for malware and displays fake warnings of “malicious programs and viruses”. They then inform the user that they need to pay money to register the software in order to remove these non-existent threats.

 

Special Note:
Reports of Rogue Antivirus programs have been more prevalent as of late.  These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software.  Some of these programs may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products.  These products may represent themselves as “Antivirus XP”, “AntivirusXP 2008”, “WinDefender 2008”, “XP Antivirus”, or similar.

 

Use Microsoft Windows Defender, Microsoft Security Essentials, the Microsoft Safety Scanner, or another up-to-date scanning and removal tool to detect and remove this threat and other unwanted software from your computer. For more information on Microsoft security products, see http://www.microsoft.com/protect/products/computer/default.mspx.

Windows Defender detects and removes this threat.

 

Win32/FakeSecSen is a family of programs that claim to scan for malware and display fake warnings of malicious programs and viruses.

Find out ways that malware can get on your PC.

Total Anti Malware Protection is a variant of Win32/FakeVimes - a family of programs that claims to scan for malware and displays fake warnings of "malicious programs and viruses". They then inform the user that they need to pay money to register the software in order to remove these non-existent threats. It may also modify security settings, prevent programs from running, and modify the Hosts file.

This family of rogue security programs pretend to scan your PC for malware, and often report lots of infections. The program will say you have to pay for it before it can fully clean your PC.

However, the program hasn't really detected any malware at all and isn't really an antivirus or antimalware scanner. It just looks like one so you'll send money to the people who made the program. Some of these programs use product names or logos that unlawfully impersonate Microsoft products.

Even if you do pay to "unlock" the app, it won't do anything because your PC isn't actually infected with all that malware it "found".

Different brands of the rogues may modify various settings on your computer, end or close programs or system services, or block access to websites.

We've seen the rogues use the following names: 

• Advanced Antispyware Solution
• Antimalware PC Safety
• Antivirus Smart Protection
• AV Security Essentials
• Best Antivirus Software
• Best Virus Protection
• Home Malware Cleaner
• Home Security Solutions
• Internet Security Guard
• Malware Protection Center
• Smart Anti-Malware Protection
• Strong Malware Defender
• System Protection Tools
• Total Anti Malware Protection

Best Antivirus Software is a variant of Win32/FakeVimes - a family of programs that claims to scan for malware and displays fake warnings of "malicious programs and viruses". They then inform the user that they need to pay money to register the software in order to remove these non-existent threats. It may also modify security settings, prevent programs from running, and modify the Hosts file.

Windows Defender Antivirus detects and removes this threat.

 

This threat is a variant of the Win32/FakeVimes family. Programs in this family claim to scan your PC for malware and then show you fake warnings about malicious programs and viruses. They usually tell you to pay money to register the software and remove the fake malware.

 

You can read more about this type of threat on our rogue security software page.