Wednesday, October 14, 2009

Active Security rogue of the FakeCog Family

Active Security is rogue of the FakeCog Family, which the downloader attempts to uninstall legitimate Security apps when detected to evade detection, some of which are listed below.

Malwarebytes' Anti-Malware
Avira AntiVir

When infected with Active Security the user will be inundated with pop-ups stating the PC is infected, under attack or not protected. These security warnings and pop-ups are all fake, designed to scare the user into purchasing the software. Active Security will also run a system scan every time the PC is started. After every system scan Active Security will report numerous infections and will require the user to purchase the software before removing the infections. This is a complete scam, the system scan reports are fictitious, created to frighten people into thinking their PC is infected in hopes they will click and buy the software to clean their machines.

Files and Locations:%PROGRAM_FILES%\Active Security
%PROGRAM_FILES%\Active Security\asecurity.exe
%PROGRAM_FILES%\Active Security\core.cga
%PROGRAM_FILES%\Active Security\coreext.dll
%PROGRAM_FILES%\Active Security\help.ico
%PROGRAM_FILES%\Active Security\uninstall.exe
%COMMON_DESKTOPDIRECTORY%\Active Security ReadMe.txt
%COMMON_DESKTOPDIRECTORY%\Active Security Support.lnk
%COMMON_PROGRAMS%\Active Security
%COMMON_PROGRAMS%\Active Security\Active Security Support.lnk
%COMMON_PROGRAMS%\Active Security\Active Security.lnk
%COMMON_PROGRAMS%\Active Security\Uninstall Active Security.lnk
Active Security uses fake security warnings like the above to frighten people into downloading and buying the corrupt software

The Active Security rogue can be removed with manually methods, however, it is recommend to use our malware removal tool, VIPRE Antivirus.
You can download a free trial to remove the Active Security rogue from your PC for no cost by clicking on the link below:
 If you are unable to download and install our malware removal tool because this has infected your computer and is not allowing you to install the program, you can use our VIPRE Rescue Disc here:


  1. Thanks a lot for your warning. My computer had been infected yesterday, and I really had a problem getting rid of Active Security in the first place. Both Avira Antivir and Spyware Doctor didn't recognize it, so I followed your proposal and used VIPRE software which worked perfectly.

    Thank you again, and kind regards from Germany,


  2. Trying to fix my mother-in-law's laptop, hope this works. Spyware Doctor found it, but wanted $50 to remove it. So now I have to remove spyware doctor too!

  3. PSB,

    If you have any problems removing with VIPRE, you can always contact Sunbelt's tech support for FREE!! 877-673-1153

  4. Can anyone tell me what to do if I've already been bullied into purchasing Active Security, and my PC is acting so erratically that I can't seem to get enough control over it to download something else to remove it? Thanks! Wish I could have gotten this info before spending 50.00. Any records of them taking more than this out of people's accounts, or going further?

  5. The only thing you can do at this point to get your money back is to contact your credit card company.

    Active Security like most rogues will make it impossible to open or install other programs. In order to download and install VIPRE to remove this pest can usually be done by stopping the Active Security process.

    To stop the Active Security process, do a control + alt+ delete and click on Task Manager. Click on the Processes tab and highlight for Active Security, then click the End Process button.

    This should allow you to download and install VIPRE.

    If you still have problems give Sunbelt tech support a call, they will walk you through how to remove this pest with VIPRE.