Index Introduction Database Detailed Entries Updates Concise List HJT Forums Rogues Message Board

Rogue Applications - Overview

If you're not familiar with rogue applications then a good starting point in understanding what we're dealing here is this description (taken from the CA page about one such program - AVSystemCare):

Rogue Security Software: "Security software that uses deceptive means for installation and other purposes. Once installed, the rogue software usually uses scare tactics to inform the user that spyware or malware is installed on their system. The rogue security software then claims to offer remediation in exchange of payment. These applications can come bundled with other malware that serve other purposes. This type of software usually comes in the form of Anti-spyware, or Anti-virus applications."

I don't plan to introduce you to all of those currently available and how to remove them - as there are plenty of other sites out there doing a perfectly good job of it and they're more experienced and qualified in this field than I am. Instead, I only intend to highlight particular groups of these applications that come from the same (or associated sources) and share common features or files. This information has been compiled after hours of research on the net.

Recommendations

Whilst I can't offer specific removal instructions I can, however, offer a few suggestions on this front though - and a warning:

Many of the removal guides referenced for the rogues in the start-up database use MalwareBytes Anti-Malware, which incorporates the functionality from their popular (but now discontinued) RogueRemover products:

MalwareBytes

AVSystemCare family

This family consists of the rogue AVSystemCare security software (anti-virus, anti-spyware, firewall and pop-up blocker) and currently 85 identified variants - all characterized by sharing the same main executable name (pgs.exe), similar interface and other shared files.

ErrClean family

This family consists of the rogue ErrClean system error and cleaning utility (which displays exaggerated reports of errors on the computer) and currently 29 identified variants - all characterized by sharing the same main executable name (SysRep.exe), similar interface and other shared files.

PCPrivacyTool family

This family consists of the rogue PCPrivacyTool privacy program (which displays exaggerated warnings and labels legitimate programs as privacy risks) and currently 30 identified variants - all characterized by sharing the same main executable name (GDC.exe), similar interface and other shared files.

WiniGuard family

This family consists of the rogue WiniGuard security software and currently 39 identified variants - all characterized by using a similar interface.

AntiAID family

This family consists of the rogue AntiAID security software and currently 32 identified variants - all characterized by using a similar interface.

Back to Startup Applications

Copyright © Pacman's Portal, 2001 - 2017
Powered by Malwarebytes
All rights reserved

Valid XHTML 1.0 Transitional

Privacy Policy Site Map Home