ReAnti Description

ReAnti is a misleading security program that can infect unsuspecting users’ systems via Trojans, malicious websites or social engineering scams. When inside your PC, ReAnti will create several files with random names and place them in the Windows system folders. The files are actually harmless but will be detected as dangerous when ReAnti launches a fake system scan.

Along with the alarming scan report, warnings messages and frequent pop-ups will be displayed, all informing the user of severe malware infections and a recommendation to purchase the “full version” of ReAnti. Do not fall for this scam! ReAnti is a useless application that should be removed immediately.

Type: Rogue AntiSpyware Programs

How Can You Detect ReAnti?

ReAnti Technical Report

As new ReAnti details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following ReAnti files with its MD5s were created in the system:

ReAnti has typically the following processes in memory:

• nsProcess.dll
• REAnti.exe

ReAnti created the following directories, files, paths:

• %ProgramFiles%\REAnti Software\REAnti
• %AllUsersProfile%\Start Menu\Programs\REAnti

ReAnti creates the following registry entries:

• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\REAnti
• HKEY_LOCAL_MACHINE\SOFTWARE\REAnti
• HKEY_CURRENT_USER\Software\REAnti
• REAnti

Important Article Disclaimer