Security Master AV is a widespread fake security software application which is related to My Security Engine and Cleanup Antivirus. Similarly to its relatives, Security Master AV uses scare tactics to push users into purchasing a license for the software. This rogue program gets installed on user systems through Trojans that get downloaded from malicious websites which claim to contain essential video codec packs. Once installed, Security Master AV disables any antivirus software present on the system, as well as system utilities such as task manager and registry editor. Once it has ensured that the user cannot attempt to manually remove it, this rogue application will then proceed to perform a large number of fake scans on the user’s system, claiming that it is heavily infected with malicious software. It will also display endless pop-ups from the Windows taskbar, falsely warning the user of virus threats. Finally Security Master AV will proceed to urge the user to purchase a license to the ‘full’ version of the software, claiming that the currently installed ‘trial’ version is not up to the task of cleaning out all the detected ‘viruses’. However, no user should fall for this trick, as the ‘full’ version of Security Master AV is just as incapable of scanning or cleaning any computer system as the ‘trial’ version is.
Security Master AV
» Download Security Master AV Removal Software
As soon as you find a copy of this malicious software installed on your computer, you should take steps to delete Security Master AV. Security Master AV removal involves the stopping of processes, unregistering of DLLs, removal of files and folders and the deletion of registry entries. However, before attempting this you should restart your computer in Safe Mode.
Security Master AV Removal ( Manual Removal Procedures )
The first step you need to take in order to delete Security Master AV is to stop the following processes:
- SM8d7c.exe
- ANTIGEN.exe
- std.exe
- SM345d.exe
Next, it is necessary to unregister the following DLL files to continue with Security Master AV removal:
- cid.dll
- ddv.dll
- runddlkey.dll
- sqlite3.dll
- mozcrt19.dll
The next step that has to be taken to remove Security Master AV is the deletion of the following files and folders:
Windows XP:
- %CommonAppData%\8d7ca11\25.mof
- %CommonAppData%\8d7ca11\SM8d7c.exe
- %CommonAppData%\8d7ca11\SMAV.ico
- %CommonAppData%\8d7ca11\SMAVSys\vd952342.bd
- %AppData%\Microsoft\Internet Explorer\Quick Launch\Security Master AV.lnk
- %AppData%\Security Master AV\cookies.sqlite
- %Desktop%\Security Master AV.lnk
- %UserProfile%\Recent\ANTIGEN.drv
- %UserProfile%\Recent\ANTIGEN.exe
- %UserProfile%\Recent\cid.dll
- %UserProfile%\Recent\CLSV.drv
- %UserProfile%\Recent\DBOLE.sys
- %UserProfile%\Recent\ddv.dll
- %UserProfile%\Recent\ddv.sys
- %UserProfile%\Recent\energy.tmp
- %UserProfile%\Recent\FS.drv
- %UserProfile%\Recent\gid.drv
- %UserProfile%\Recent\PE.drv
- %UserProfile%\Recent\PE.exe
- %UserProfile%\Recent\PE.sys
- %UserProfile%\Recent\PE.tmp
- %UserProfile%\Recent\std.exe
- %UserProfile%\Recent\tjd.drv
- %UserProfile%\Recent\tjd.sys
- %UserProfile%\Recent\runddlkey.dll
- %StartMenu%\Security Master AV.lnk
- %StartMenu%\Programs\Security Master AV.lnk
- c:\Documents and Settings\All Users\Application Data\345d567\
- c:\Documents and Settings\All Users\Application Data\345d567\16.mof
- c:\Documents and Settings\All Users\Application Data\345d567\mozcrt19.dll
- c:\Documents and Settings\All Users\Application Data\345d567\SM345d.exe
- c:\Documents and Settings\All Users\Application Data\345d567\SMAV.ico
- c:\Documents and Settings\All Users\Application Data\345d567\sqlite3.dll
- c:\Documents and Settings\All Users\Application Data\345d567\Quarantine Items\
- c:\Documents and Settings\All Users\Application Data\345d567\SMAVSys\
- c:\Documents and Settings\All Users\Application Data\345d567\SMAVSys\vd952342.bd
- c:\Documents and Settings\All Users\Application Data\SMNPCTCAV\
- c:\Documents and Settings\All Users\Application Data\SMNPCTCAV\SMMPIBBZGHAV.cfg
- %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Security Master AV.lnk
Windows Vista / Windows 7:
- %CommonAppData%\8d7ca11\25.mof
- %CommonAppData%\8d7ca11\SM8d7c.exe
- %CommonAppData%\8d7ca11\SMAV.ico
- %CommonAppData%\8d7ca11\SMAVSys\vd952342.bd
- %AppData%\Microsoft\Internet Explorer\Quick Launch\Security Master AV.lnk
- %AppData%\Security Master AV\cookies.sqlite
- %Desktop%\Security Master AV.lnk
- %UserProfile%\Recent\ANTIGEN.drv
- %UserProfile%\Recent\ANTIGEN.exe
- %UserProfile%\Recent\cid.dll
- %UserProfile%\Recent\CLSV.drv
- %UserProfile%\Recent\DBOLE.sys
- %UserProfile%\Recent\ddv.dll
- %UserProfile%\Recent\ddv.sys
- %UserProfile%\Recent\energy.tmp
- %UserProfile%\Recent\FS.drv
- %UserProfile%\Recent\gid.drv
- %UserProfile%\Recent\PE.drv
- %UserProfile%\Recent\PE.exe
- %UserProfile%\Recent\PE.sys
- %UserProfile%\Recent\PE.tmp
- %UserProfile%\Recent\std.exe
- %UserProfile%\Recent\tjd.drv
- %UserProfile%\Recent\tjd.sys
- %UserProfile%\Recent\runddlkey.dll
- %StartMenu%\Security Master AV.lnk
- %StartMenu%\Programs\Security Master AV.lnk
- c:\Users\%USER%\AppData\345d567\
- c:\ Users\%USER%\AppData \345d567\16.mof
- c:\ Users\%USER%\AppData \345d567\mozcrt19.dll
- c:\ Users\%USER%\AppData \345d567\SM345d.exe
- c:\ Users\%USER%\AppData \345d567\SMAV.ico
- c:\ Users\%USER%\AppData \345d567\sqlite3.dll
- c:\ Users\%USER%\AppData \345d567\Quarantine Items\
- c:\ Users\%USER%\AppData \345d567\SMAVSys\
- c:\ Users\%USER%\AppData \345d567\SMAVSys\vd952342.bd
- c:\ Users\%USER%\AppData \SMNPCTCAV\
- c:\ Users\%USER%\AppData \SMNPCTCAV\SMMPIBBZGHAV.cfg
- %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Security Master AV.lnk
Security Master AV Removal of Registry Items
File deletion alone is not sufficient to completely remove Security Master AV. The following keys and settings should be removed from the Windows Registry for complete Security Master AV removal:
- HKEY_CURRENT_USER\Software\3
- HKEY_CLASSES_ROOT\SMAVSys.DocHostUIHandler
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Security Master AV”
- HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
- HKEY_CLASSES_ROOT\SM345d.DocHostUIHandler
- HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=7&q={searchTerms}"
- HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=7&q={searchTerms}"
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
- HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=7&q={searchTerms}"
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
Remove Security Master AV Directories:
- No direct folders that absolutely need to be removed/
Outside Resources:
http://www.bleepingcomputer.com/virus-removal/remove-security-master-av
http://community.norton.com/t5/Other-Norton-Products/Security-Master-AV/td-p/236363
so since i have the security master thing installed, and its a virus, does that mean that the warnings are true? the things that pop up saying i have multiple viruses? do i really have them because rite now its up to about 100. and i have another thing installed to rid of them, but when i run Mcafee it says theres nothing, yet the security master says about 100. . what should i do?
The guide could not be more clear in answering this question. Yes the scan results are fake like the removal guide states. We also tell you exactly what needs to be done. Follow the guide. If you have specific questions on not being able to do a step then please ask that. Other wise the guide works. It’s how we remove it from all our test computers.