Read the same in:

Home / Fighting malicious programs / Rogue security software

Home products
1-5 computers

Small Office Security
5-10 computers

Business products
Workstations & Servers protection

Fighting malicious programs
How to disinfect...

Kaspersky Virus Scanner for Mac

Kaspersky Security Scan 2.0

Kaspersky Virus Removal Tool 2011

Virus-fighting utilities

Viruses and solutions

PC and online safety

Rogue security software

Kaspersky Rescue Disk 10

Remove banner from Desktop, unlock Windows

Training and Certification
Take an educational course and become a certified security specialist

Self Service
More help online

Support Services and Contacts
Information about support services and rules

Virus Activity

virus activity is normal

APcSafe: Rogue security software

Rogue security software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware. Rogue security software, in recent years, has become a growing and serious security threat in desktop computing. For your convenience in this section we gathered all known rogue security software in one list by alphabet.

APcSafe: Rogue security software
ID Article: 3538	Other languages:	8	2010 Mar 18 18:17	Printable version

1. Program description

APcSafe (A Pc Safe) - Rogue Security Software - is a type of misleading application that pretends to be legitimate security software, such as an antivirus scanner or registry cleaner, but which actually provides the user with little or no protection whatsoever. APcSafe is a new variant of the family Winisoft. The author of APcSafe also created the following software:

APcSecure, DefendAPc, SysDefenders, InSysSecure, SysProtector, APcDefender, PcsProtector, GreatDefender, APCprotect, ProtectPcs, SysDefence, TheDefend, GuardPcs, IGuardPc, SiteAdware, AntiTroy, AntiKeep, AntiAdd, RESpyWare, REAnti, KeepCop, SiteVillain, LinkSafeness, SecureKeeper, AntiAID, System Warrior, System Veteran, System Fighter, Block Protector, Block Keeper, Block Scanner, Block Watcher, SoftBarrier, Shield Safeness, Soft Stronghold, Soft Veteran, SoftCop, Soft Soldier, Trust Fighter, Trust Soldier, Safe Fighter, Trust Cop, Secure Warrior, Secure Fighter, Secure Veteran, Security Soldier, Security Fighter, Save Armor, Save Defender, Trust Warrior, Soft Safeness, Safety Keeper, Save Keeper, Quick Heal Cleaner, System Cop, Block Defense, Save Defense, Trust Ninja, Save Soldier, Save Keep, Winishield, Wini Fighter, WiniBlueSoft.

Kaspersky Lab’s experts do not recommend visiting the websites of the rogue security applications mentioned in this article because these sites may be unsafe and could potentially harm your computer.

2. Actions

After the installation APcSafe creates a definite number of empty files with different names on the computer. Once the computer scan is started APcSafe detects these files as malicious and offers to delete these files once you purchase the license for this program.

3. Files

During the installation APcSafe copies the following files to the hard drive:

%ProgramFiles%\APcSafe Software\ApcSafe\ApcSafe.exe
%ProgramFiles%\APcSafe Software\ApcSafe\main_config.xml
%ProgramFiles%\APcSafe Software\ApcSafe\uninstall.exe
%AllUsersProfile%\Desktop\ApcSafe.lnk
%AllUsersProfile%\Start Menu\Programs\ApcSafe\1 ApcSafe.lnk
%AllUsersProfile%\Start Menu\Programs\ApcSafe\2 Homepage.lnk
%AllUsersProfile%\Start Menu\Programs\ApcSafe\3 Uninstall.lnk

4. System registry

In order to function normally APcSafe creates the following branches in the system registry:

HKEY_LOCAL_MACHINE\software\ApcSafe
HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Uninstall\ApcSafe
HKEY_CURRENT_USER\software\ApcSafe
HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Run, “ApcSafe”
HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run, “ApcSafe”

5. Screenshot of the program

Stay connected