May 16

Best Antivirus Software rogue of the FakeVimes family

Best Antivirus Software is a rogue of the FakeVimes Family  that uses the scare tactics of generating pop up fake alerts to get the users infected to buy the rogue.

The FakeVimes rogues also hijacks the hosts file and sets a proxy in the Internet Options, Connections, Lan Settings which is used for Search Engine Results re-directs.

The FakeVimes family also includes in the registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Image File Execution Options, hundreds of entries of the different legitimate Antivirus companies executable files to block them from being able to be ran.

Best Antivirus Software (FakeVimes) GUI

Files and Locations:
%ALLUSERSPROFILE%\<Random Named Folder>
%ALLUSERSPROFILE%\<Random Named folder>\<Random File Name>.exe
%ALLUSERSPROFILE%\<Random Named folder>\<Random File Name>.ico
%ALLUSERSPROFILE%\<Random Named folder>\Quarantine Items
%ALLUSERSPROFILE%\<Random Named folder>\<Random File Name>.cfg
%APPDATA%\Best Virus Protection\Instructions.ini
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\Best Antivirus Software.lnk

There are ways of removing this manually, but we recommend using our malware removal tool, VIPRE Antivirus. You can download a free trial to remove AntiMalware PC  Safety from your PC for no cost by clicking on the link below:


If you are unable to download and install our malware removal tool because the rogue has infected your PC and is not allowing you to install the program, you can use our VIPRE Rescue Disc here:


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>