Click on screenshot to zoom
Danger level 7
Type: Rogue Anti-Spyware


TR/FakeAV is an umbrella name used when discussing fake antivirus (“FakeAV”) programs. The “TR” part of the name identifies these infections as Trojans, and as you may know already, Trojans are the malicious computer programs that use false information and misleading interfaces or intentions to enter operating systems. Unfortunately, TR/FakeAV infections are often downloaded by computer users themselves thinking that reliable automatic malware detection and removal software is being installed instead. Needless to say, all users must remove TR/FakeAV.

There are hundreds and thousands of computer infections that could be detected as TR/FakeAV. Some of these infections are associated with different families of rogue malware removers, including Braviax, WinPCDefender, and FakeVimes. Braviax is the family of rogues that has been discussed by malware researchers most recently, and some infections associated with it include SystemBytes Win 8 2015, A-Secure 2015, and Zorton Win 8 Antivirus 2014. Needless to say, all of these fake security tools require immediate removal. Unfortunately, most computer users have difficulty recognizing the running rogues as fictitious security tools/malware removers.

The main purpose of all TR/FakeAV infections is to convince Windows users that they need to invest in specific malware detection and removal tools. Of course, these tools are fictitious and cannot be used to clear remove malware from your PC or to protect it against the attacks of cyber criminals. In fact, these search tools are promoted only to collect money. Therefore, TR/FakeAV rogues are set up in a way to convince users about the supposedly attacking infections and then assure them that the fake security software is working. The developers of TR/FakeAV malware have a lot of experience, and so they know what kind of information and in which kind of format to present.

TR/FakeAV rogues heavily rely on the misleading interfaces and the released notifications. These rogues can reconfigure the Windows Registry to corrupt the system tray and to release fictitious security alerts that look just like regular Windows notifications. We present a few examples. If you notice these or similar notifications, you probably need to delete TR/FakeAV. Note that the removal must be performed ASAP.

We strongly recommend that you activate [the name of the rogue]

Software without a digital signature detected. Your system files are at risk. We strongly advise you to activate your protection.

Suspicious activity detected.

The malicious TR/FakeAV are also notorious for using fake malware scanners that list completely fictitious threats that users supposedly need to delete. On top of that, the rogues can paralyze your operating system so that you would think that this malware does exist. Some users will find that connection to the Internet is blocked, and others will not be able to run .exe files. It is also common for TR/FakeAV victims to suffer from abrupt system crashes and other disturbances. Unfortunately, if these tricks are used successfully, users are tricked into purchasing completely worthless malware removal software. If you pay money for the “licensed version” of TR/FakeAV, you will simply lose your money, and your personal information will be exposed to schemers who could use it to scam you further.

It is obvious that your operating system is not protected, because if it were, TR/FakeAV would not be a threat. TR/FakeAV can be infiltrated using social engineering and drive-by download scams, and this means that one single click could lead to the installation of the rogue malware removal software. Make sure to patch all security vulnerabilities using a reliable security tool that will delete TR/FakeAV from your PC automatically. Use our search box to find the removal guides for different versions of the TR/FakeAV infection.

Download Spyware Removal Tool to Remove* TR/FakeAV
  • Quick & tested solution for TR/FakeAV removal.
  • 100% Free Scan for Windows

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.