Index Introduction Database Detailed Entries Updates Concise List HJT Forums Rogues Message Board

Rogues - AntiAID family

Currently, there are 32 variants (that I know) of the rogue security software known as AntiAID. The applications can be manually downloaded and installed, or if your system is vulnerable (without current, adequate protection), they may be installed by a downloader - without the user's consent. They may seem to be a viable alternative to tools available from respected names in this field such as Kaspersky, Symantec, Trend Micro, McAfee, CA, F-Secure, et al but read on.

The twist here is that when they are installed they create numerous fake program files that are detected by the program as malware - use these fake threats to goad the user into buying a full license for the application to remove these threats - that don't really exist. The fake programs installed are actually harmless and pose no threat to your computer and are just used to validate the fake scan.

Please note that throughout this page I only refer to the HijackThis (or HJT) startup entries and not all associated files - to keep in with the theme of the rest of the site.

AntiAID

AntiAID and it's variants are based upon the WiniGuard family, with the same menus but a modified interface. The following image (© BleepingComputer) shows the scan screen for AntiAID (click on the image for a larger version - applies throughout):

AntiAID

HijackThis (or HJT) log startup entry identified:

There can also be additional startup entries created for random filenames - see this ThreatExpert report for some examples.

External links:

Any removal guide referred to below uses MalwareBytes Anti-Malware, which incorporates the functionality from their popular (but now discontinued) RogueRemover products:

MalwareBytes Anti-Malware

Variants

Before dealing with the individual variants, here are some screenshots from some of them (© BleepingComputer) showing the common user interface:

AntiAdd AntiTroy KeepCop LinkSafeness RESpyWare SecureKeeper

Index

AntiAdd GreatDefender PCprotectar SecureKeeper
AntiKeep GuardPcs PcSecureNet SecurePcAv
AntiTroy GuardWWW PcsProtector SiteAdware
APcDefender IGuardPc PcsSecure SiteVillain
APCprotect InSysSecure ProtectPcs SysDefence
APcSafe KeepCop REAnti SysDefenders
APcSecure LinkSafeness RESpyWare SysProtector
DefendAPc MyPcSecure SafePcAv TheDefend

AntiAdd

Main HJT log entry:

Other identified HJT log entries:

External links:

AntiKeep

Main HJT log entries:

External links:

AntiTroy

Main HJT log entries:

Other identified HJT log entries:

External links:

APcDefender

Main HJT log entries:

Other identified HJT log entries:

External links:

APCProtect

Main HJT log entries:

Other identified HJT log entries:

External links:

APcSafe

Main HJT log entries:

Other identified HJT log entries:

External links:

APcSecure

Main HJT log entries:

External links:

DefendAPc

Main HJT log entries:

Other identified HJT log entries:

External links:

GreatDefender

Main HJT log entries:

External links:

GuardPcs

Main HJT log entries:

Other identified HJT log entries:

External links:

GuardWWW

Main HJT log entries:

Other identified HJT log entries:

External links:

IGuardPc

Main HJT log entries:

Other identified HJT log entries:

External links:

InSysSecure

Main HJT log entries:

Other identified HJT log entries:

External links:

KeepCop

Main HJT log entry:

Other identified HJT log entries:

External links:

LinkSafeness

Main HJT log entry:

Other identified HJT log entries:

External links:

MyPcSecure

Main HJT log entries:

External links:

PCprotectar

Main HJT log entry:

PcSecureNet

Main HJT log entries:

Other identified HJT log entries:

External links:

PcsProtector

Main HJT log entries:

External links:

PcsSecure

Main HJT log entries:

Other identified HJT log entries:

External links:

ProtectPcs

Main HJT log entries:

Other identified HJT log entries:

External links:

REAnti

Main HJT log entry:

Other identified HJT log entries:

External links:

RESpyWare

Main HJT log entry:

Other identified HJT log entries:

External links:

SafePcAv

Main HJT log entry:

External links:

SecureKeeper

Main HJT log entry:

Other identified HJT log entries:

External links:

SecurePcAv

Main HJT log entry:

Other identified HJT log entries:

External links:

SiteAdware

Main HJT log entry:

External links:

SiteVillain

Main HJT log entry:

SysDefence

Main HJT log entries:

External links:

SysDefenders

Main HJT log entry:

Other identified HJT log entries:

External links:

SysProtector

Main HJT log entry:

External links:

TheDefend

Main HJT log entries:

Other identified HJT log entries:

External links:

Back to Rogues - Overview

Copyright © Pacman's Portal, 2001 - 2016
Powered by Malwarebytes
All rights reserved

Valid XHTML 1.0 Transitional

Privacy Policy Site Map Home