My Safe PC 2014

Posted: August 19, 2013
Threat Metric
Threat Level: 10/10
Infected PCs 68

My Safe PC 2014 Description

My Safe PC 2014 Screenshot 1My Safe PC 2014 is a rogue anti-malware program based on the FakeRean family template and includes various security-harming attacks such as blocking other programs, hijacking your browser and displaying fraudulent malware warnings. Alerts from My Safe PC 2014 infections will attempt to convince their victims that their PCs are being attacked by numerous PC threats, including keyloggers and other forms of spyware, but My Safe PC 2014 can neither detect nor delete real malware. The typical reaction to My Safe PC 2014 always should be to use a real anti-malware product to remove My Safe PC 2014 immediately, although SpywareRemove.com malware researchers usually find that some additional security steps are required to gain unimpeded access to all necessary software.

My Safe PC 2014: Ironically Making Your PC as Unsafe as Possible

My Safe PC 2014 is disguised to look identical to a real anti-malware product, but actually is scamware that can only attack your PC, rather than protect it. The majority of My Safe PC 2014's appearance and attacks are culled from previous members of its family (identified by SpywareRemove.com malware experts as FakeRean). My Safe PC 2014's family has numerous branches with minor divergences in behavior, including individual variants like Antivirus 2008 Pro, Antivirus XP 2008, Windows Antivirus 2008, Vista Antivirus 2008, PC Clean Pro, Antivirus Pro 2009, Rogue.Vista Antivirus 2008, AntiSpy Safeguard, ThinkPoint, Spyware Protection 2010, Internet Antivirus 2011, Palladium Pro, XP Anti-Virus 2011, CleanThis, XP Security 2012, XP Home Security 2012 and AntiVirus PRO 2015. Symptoms that one may expect from My Safe PC 2014 or most related rogue anti-malware programs include:

  • My Safe PC 2014 will reroute any attempts to use executable (EXE) program files towards itself. In most cases, My Safe PC 2014 will block the affected program and generate a fraudulent pop-up claiming that the program has been infected. Some basic Windows programs, including your browser, will remain unblocked.
  • If you attempt to use your browser to navigate to a security-related site (such as Microsoft.com), My Safe PC 2014 will hijack your browser and redirect it to a fraudulent warning page.
  • In a less visible (but no less dangerous) attack than the above, My Safe PC 2014 also will make various changes to your browser that harm your PC's security. Typical changes may include blocking the Windows update cycle or deactivating your default firewall.
  • In accordance with its disguise as an anti-malware product, My Safe PC 2014 also will display pop-ups and system scans that are pre-configured to always 'detect' PC threats on your computer even if My Safe PC 2014 is the only malware present. These deliberately misleading attacks are intended to frighten you into spending money on My Safe PC 2014's fraudulent software registration, which supposedly will disinfect your computer.

Getting Real Safety from My Safe PC 2014

Ordinarily, PCs that are infected with My Safe PC 2014 are compromised by secondary Trojans or by online exploit kits like Blackhole Exploit Kit that also may install additional PC threats besides My Safe PC 2014. Due to this inherent risk, SpywareRemove.com malware experts recommend using anti-malware software to scan your computer generously for clearing up any My Safe PC 2014 infection, which should allow you to identify any other malware related to its presence.

Because My Safe PC 2014 usually will block anti-malware programs on sight, you may need to disable My Safe PC 2014 before using all necessary security software. However, booting from a secure peripheral device can allow you to launch Windows without My Safe PC 2014 and related PC threats also being launched. SpywareRemove.com malware experts also recommend using Safe Mode as the preferred anti-malware scanning environment whenever possible.

My Safe PC 2014 Screenshot 2My Safe PC 2014 Screenshot 3My Safe PC 2014 Screenshot 4My Safe PC 2014 Screenshot 5My Safe PC 2014 Screenshot 6

Aliases


Trj/Genetic.gen [Panda]FakeAV.AJJA [AVG]W32/Kryptik.AQSA!tr [Fortinet]Trojan-Downloader.Win32.Bilakip [Ikarus]Trojan.DL.Agent!4F44a variant of Win32/Kryptik.AQYPTrojan.ZeroaccessBScope.Malware-Cryptor.SB.01798Trojan/Win32.Jorik [AhnLab-V3]Rogue:Win32/FakeDef [Microsoft]Trojan/Win32.Generic [Antiy-AVL]Trojan/Jorik.jfvxTroj/Zbot-DHN [Sophos]TR/Crypt.XPACK.Gen7 [AntiVir]Trojan.Win32.FakeAlert.bns (v)
More aliases (32)

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to My Safe PC 2014 may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



GRPCONV.EXE File name: GRPCONV.EXE
Size: 62.32 KB (62328 bytes)
MD5: 4548ee82b890bbbc3af1a8c66f7848a6
Detection count: 13
File type: Executable File
Mime Type: unknown/EXE
Group: Malware file
Last Updated: August 19, 2013
%Desktop%\My Safe PC 2014.lnk File name: %Desktop%\My Safe PC 2014.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%CommonAppData%\pavsdata\ File name: %CommonAppData%\pavsdata\
Group: Malware file
%CommonAppData%\pavsdata\app.ico File name: %CommonAppData%\pavsdata\app.ico
Mime Type: unknown/ico
Group: Malware file
%CommonAppData%\pavsdata\uninst.ico File name: %CommonAppData%\pavsdata\uninst.ico
Mime Type: unknown/ico
Group: Malware file
%CommonAppData%\pavsdata\support.ico File name: %CommonAppData%\pavsdata\support.ico
Mime Type: unknown/ico
Group: Malware file
%CommonAppData%\pavsdata\idfdata.bin File name: %CommonAppData%\pavsdata\idfdata.bin
File type: Binary File
Mime Type: unknown/bin
Group: Malware file
%CommonAppData%\pavsdata\cache.bin File name: %CommonAppData%\pavsdata\cache.bin
File type: Binary File
Mime Type: unknown/bin
Group: Malware file
%CommonAppData%\pavsdata\security_defender.exe File name: %CommonAppData%\pavsdata\security_defender.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%CommonStartMenu%\Programs\My Safe PC 2014\ File name: %CommonStartMenu%\Programs\My Safe PC 2014\
Group: Malware file
%CommonStartMenu%\Programs\My Safe PC 2014\My Safe PC 2014.lnk File name: %CommonStartMenu%\Programs\My Safe PC 2014\My Safe PC 2014.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%CommonStartMenu%\Programs\My Safe PC 2014\Remove My Safe PC 2014.lnk File name: %CommonStartMenu%\Programs\My Safe PC 2014\Remove My Safe PC 2014.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%CommonStartMenu%\Programs\My Safe PC 2014\My Safe PC 2014 Help and Support.lnk File name: %CommonStartMenu%\Programs\My Safe PC 2014\My Safe PC 2014 Help and Support.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file

Registry Modifications


The following newly produced Registry Values are:

HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = "4g"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "avsdsvc" = "%CommonAppData%\pavsdata\security_defender.exe /min"HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = ""%CommonAppData%\pavsdata\security_defender.exe" /ex "%1" %*"HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\pavsdata

Additional Information

The following messages's were detected:
# Message
1My Safe PC 2014 Firewall Alert
notepad.exe is infected with Trojan-GameThief.Win32.Nilage.ipj Private data can be stolen by third parties, including credit card details and passwords.
2Security Alert
Vulnerabilities Found
Background scan for security breaches has been finished. Serious problems have been detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defence.
Upgrade to full version of My Safe PC 2014 software package now! Clean your system and ward off new attacks against your system integrity and sensitive data. FREE daily updates and online protection from web-based intrusions are already in the bundle.
3System Security Alert
Unknown program is scanning your system registry right now! Identity theft detected.
4System Security Alert
Vulnerabilities found
Background scan for security breaches was finished. Serious issues were detected. Safeguard your system against exploits, malware and viruses right now by activating Proactive Defense.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.