AntiSpyCheck 2.4
AntiSpyCheck 2.4 (also known as AntiSpyCheck) is fraudulent anti-spyware application. Like most of the rogue anti-spyware applications, AntiSpyCheck 2.4 may be downloaded and installed onto your computer by a Trojan. AntiSpyCheck 2.4 is designed to lure unsuspecting users out of their money by scaring them into purchasing the full version of the program. In order to trick you, AntiSpyCheck 2.4 performs a bogus scan and displays fraudulent parasite threat notifications. AntiSpyCheck 2.4 is not a legitimate anti-spyware removal tool and cannot be trusted. Immediate removal of AntiSpyCheck 2.4 is strongly recommended.
File System Modifications
- The following files were created in the system:
# File Name 1 %desktopdirectory%\antispycheck v2.4.lnk 2 %profile%\application data\microsoft\internet explorer\quick launch\antispycheck v2.4.lnk 3 %program_files%\antispycheck\activex.db 4 %program_files%\antispycheck\antispycheck.chm 5 %program_files%\antispycheck\antispycheck.exe 6 %program_files%\antispycheck\antispycheck.url 7 %program_files%\antispycheck\ascnospam.dll 8 %program_files%\antispycheck\blacklist.db 9 %program_files%\antispycheck\config.ini 10 %program_files%\antispycheck\cookies.db 11 %program_files%\antispycheck\dbghelp.dll 12 %program_files%\antispycheck\filesnames.db 13 %program_files%\antispycheck\hosts.db 14 %program_files%\antispycheck\knownlocations.db 15 %program_files%\antispycheck\languages\english.ini 16 %program_files%\antispycheck\languages\spanish.ini 17 %program_files%\antispycheck\logs\asc_activity-01112008-040050.log 18 %program_files%\antispycheck\md5.db 19 %program_files%\antispycheck\msvcp71.dll 20 %program_files%\antispycheck\msvcr71.dll 21 %program_files%\antispycheck\plugins\desktopmanager\desktopmanager.dll 22 %program_files%\antispycheck\plugins\desktopmanager\languages\english.ini 23 %program_files%\antispycheck\plugins\desktopmanager\languages\spanish.ini 24 %program_files%\antispycheck\plugins\messengercontrol\languages\english.ini 25 %program_files%\antispycheck\plugins\messengercontrol\languages\spanish.ini 26 %program_files%\antispycheck\plugins\messengercontrol\messengercontrol.dll 27 %program_files%\antispycheck\plugins\startupeditor\languages\english.ini 28 %program_files%\antispycheck\plugins\startupeditor\languages\spanish.ini 29 %program_files%\antispycheck\plugins\startupeditor\startupeditor.dll 30 %program_files%\antispycheck\registry.db 31 %program_files%\antispycheck\sdebug.log 32 %program_files%\antispycheck\spywareinfo.db 33 %program_files%\antispycheck\tips.txt 34 %program_files%\antispycheck\uninst.exe 35 %programs%\antispycheck\antispycheck v2.4 un-installer.lnk 36 %programs%\antispycheck\antispycheck v2.4 website.lnk 37 %programs%\antispycheck\antispycheck v2.4.lnk 38 %startmenu%\antispycheck v2.4.lnk 39 antispycheck.exe 40 asc_2.4_setup.exe 41 asc_setup_light.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\software\microsoft\windows\shellnoroam\muicache c:\program files\antispycheck\antispycheck.exeHKEY_LOCAL_MACHINE\software\antispycheckHKEY_LOCAL_MACHINE\software\antispycheck aidHKEY_LOCAL_MACHINE\software\antispycheck firstrunHKEY_LOCAL_MACHINE\software\antispycheck installidHKEY_LOCAL_MACHINE\software\antispycheck languageHKEY_LOCAL_MACHINE\software\antispycheck threadscountHKEY_LOCAL_MACHINE\software\antispycheck tipdayHKEY_LOCAL_MACHINE\software\antispycheck tipindexHKEY_LOCAL_MACHINE\software\licenses {0b15c0fbdc5a71ffb}HKEY_LOCAL_MACHINE\software\licenses {0b719be9b0c8d3287}HKEY_LOCAL_MACHINE\software\licenses {ib15c0fbdc5a71ffb}HKEY_LOCAL_MACHINE\software\licenses {ib719be9b0c8d3287}HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\antispycheck.exeHKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\clsid\{d2608046-dd09-a225-01bf-70c1edd8b2e8}HKEY_CLASSES_ROOT\clsid\{d2608046-dd09-a225-01bf-70c1edd8b2e8}\aucvidcykgreHKEY_CLASSES_ROOT\clsid\{d2608046-dd09-a225-01bf-70c1edd8b2e8}\bfhrxfktlHKEY_CLASSES_ROOT\clsid\{d2608046-dd09-a225-01bf-70c1edd8b2e8}\dociplctxfxxHKEY_CLASSES_ROOT\clsid\{d2608046-dd09-a225-01bf-70c1edd8b2e8}\ihevnjkbdHKEY_CLASSES_ROOT\clsid\{d2608046-dd09-a225-01bf-70c1edd8b2e8}\inprocserver32HKEY_CLASSES_ROOT\clsid\{d2608046-dd09-a225-01bf-70c1edd8b2e8}\inprocserver32 threadingmodelHKEY_CLASSES_ROOT\clsid\{d2608046-dd09-a225-01bf-70c1edd8b2e8}\nrnghacpqcymHKEY_CLASSES_ROOT\clsid\{d2608046-dd09-a225-01bf-70c1edd8b2e8}\szwuHKEY_CLASSES_ROOT\clsid\{d2608046-dd09-a225-01bf-70c1edd8b2e8}\uuzxogbHKEY_CLASSES_ROOT\clsid\{f3210e86-46a8-5973-963f-0ef4cf226a0c}HKEY_CLASSES_ROOT\clsid\{f3210e86-46a8-5973-963f-0ef4cf226a0c} mfnskmeHKEY_CLASSES_ROOT\clsid\{f3210e86-46a8-5973-963f-0ef4cf226a0c}\inprocserver32HKEY_CLASSES_ROOT\clsid\{f3210e86-46a8-5973-963f-0ef4cf226a0c}\inprocserver32 threadingmodelHKEY_CLASSES_ROOT\clsid\{f3210e86-46a8-5973-963f-0ef4cf226a0c}\progidHKEY_CLASSES_ROOT\clsid\{f3210e86-46a8-5973-963f-0ef4cf226a0c}\typelibHKEY_CLASSES_ROOT\clsid\{f3210e86-46a8-5973-963f-0ef4cf226a0c}\versionindependentprogidHKEY_CLASSES_ROOT\interface\{cf231820-9904-4a37-b5b0-c87ef6f6cc82}HKEY_CLASSES_ROOT\interface\{cf231820-9904-4a37-b5b0-c87ef6f6cc82}\proxystubclsidHKEY_CLASSES_ROOT\interface\{cf231820-9904-4a37-b5b0-c87ef6f6cc82}\proxystubclsid32HKEY_CLASSES_ROOT\interface\{cf231820-9904-4a37-b5b0-c87ef6f6cc82}\typelibHKEY_CLASSES_ROOT\interface\{cf231820-9904-4a37-b5b0-c87ef6f6cc82}\typelib versionHKEY_CLASSES_ROOT\typelib\{5aa883db-7cfd-4737-b3c3-c671595ecce5}HKEY_CLASSES_ROOT\typelib\{5aa883db-7cfd-4737-b3c3-c671595ecce5}\1.0HKEY_CLASSES_ROOT\typelib\{5aa883db-7cfd-4737-b3c3-c671595ecce5}\1.0\0HKEY_CLASSES_ROOT\typelib\{5aa883db-7cfd-4737-b3c3-c671595ecce5}\1.0\0\win32HKEY_CLASSES_ROOT\typelib\{5aa883db-7cfd-4737-b3c3-c671595ecce5}\1.0\flagsHKEY_CLASSES_ROOT\typelib\{5aa883db-7cfd-4737-b3c3-c671595ecce5}\1.0\helpdirHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run antispycheckHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}antispycheckantispycheck displayiconantispycheck displaynameantispycheck displayversionantispycheck nsis:startmenudirantispycheck publisherantispycheck uninstallstringantispycheck urlinfoabout
I have antispycheck infection, but none of the files or registry keys you allude to can be found -- only icon in sytem tray. Help?