APcSafe is a rogue antispyware program that installed through the use of trojans. The trojans are mostly distributed from fake online scanners and various misleading websites that ask users to download a software that pretend to be flash player updates or even video codecs required to watch a video online.
When the trojan is started, it will download and install APcSafe onto the computer. Then it will register the rogue in the Windows register to run automatically when Windows starts. The same trojan will create a lot of fake malware files, that absolutely harmless, but APcSafe will detect them as viruses, trojans, worms and malware. Important to know, the program only imitates a system scan as an attempt to scare you you into thinking that your computer is infected with all sorts of malicious software. So, you can safety ignore the scan results!
Last but not least, the same trojan that installs APcSafe will also download and install two another trojans. First trojan is a trojan FakeAlert that will display a lot of fake spyware alerts and a fake Windows Security Center that will suggest you register the rogue. Some of the alerts:
Spyware Alert!
Your computer is infected with spyware. It could damage your
critical files or expose your private data on the Internet. Click
here to register your copy of APcSafe and remove
spyware threats from your PC.
All of these alerts are fake and should be ignored! Second trojan is a variant of trojan/rootkit TDSS. The trojan may redirect search results in Google, Yahoo, MSN, block an access to security websites and much more.
As you can see, APcSafe is designed with one purpose to trick you into purchasing so-called “full” version of the program. If you find that your computer is infected with this malware, then be quick and take effort to remove it immediately. Use the removal guide below to remove APcSafe from your computer for free.
More screen shoots of APcSafe
Symptoms in a HijackThis Log
O4 – HKLM\..\Run: [APcSafe] C:\Program Files\APcSafe Software\APcSafe\APcSafe.exe -min
O4 – HKCU\..\Run: [
Spyware can do the following:
1. gather information about user habits of use of the Internet, what sites are visited most frequently (known as “tracking software”);
2. record keystrokes (keyloggers) and make a screenshots (screen scraper) and send collected data to the creator of the spyware;
3. remotely control user computer (remote control software) – backdoor, botnets, droneware;
4. download and run on user computer an additional malware;
5. analyze the state of security systems, scan an open ports, and look for vulnerabilities to crack passwords;
Use the following instructions to remove APcSafe (Uninstall instructions)
Download TDSSKiller from here and unzip to your desktop.
Open TDSSKiller folder and double click the TDSSKiller icon. Follow the prompts.
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer for APcSafe infection. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure that everything is checked, and click Remove Selected for start APcSafe removal process. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
APcSafe creates the following files and folders
C:\Documents and Settings\All Users\Start Menu\Programs\APcSafe
C:\Program Files\APcSafe Software
C:\Program Files\APcSafe Software\APcSafe
C:\Program Files\APcSafe Software\APcSafe\APcSafe.exe
C:\WINDOWS\system32\
Spyware can do the following:
1. gather information about user habits of use of the Internet, what sites are visited most frequently (known as “tracking software”);
2. record keystrokes (keyloggers) and make a screenshots (screen scraper) and send collected data to the creator of the spyware;
3. remotely control user computer (remote control software) – backdoor, botnets, droneware;
4. download and run on user computer an additional malware;
5. analyze the state of security systems, scan an open ports, and look for vulnerabilities to crack passwords;
C:\Documents and Settings\comp\Local Settings\temp\00002e99
C:\WINDOWS\system32\spool\prtprocs\w32x86\00003e8f.tmp
C:\Documents and Settings\All Users\Start Menu\Programs\APcSafe\1 APcSafe.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\APcSafe\2 Homepage.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\APcSafe\3 Uninstall.lnk
C:\Program Files\APcSafe Software\APcSafe\uninstall.exe
C:\Documents and Settings\All Users\Desktop\APcSafe.lnk
APcSafe creates the following registry keys and values
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\APcSafe
HKEY_LOCAL_MACHINE\SOFTWARE\APcSafe
HKEY_CURRENT_USER\Software\APcSafe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Spyware can do the following:
1. gather information about user habits of use of the Internet, what sites are visited most frequently (known as “tracking software”);
2. record keystrokes (keyloggers) and make a screenshots (screen scraper) and send collected data to the creator of the spyware;
3. remotely control user computer (remote control software) – backdoor, botnets, droneware;
4. download and run on user computer an additional malware;
5. analyze the state of security systems, scan an open ports, and look for vulnerabilities to crack passwords;
