Antispyware Shield Pro
Antispyware Shield Pro will first pretend as an online virus scanner web site that will perform fake detection and alarms visitors of possible security risks. It will ask user to download and install a copy of Antispyware Shield Pro that pretends to be a remover of threats. As you can notice, implementing this is a common tactic to spread and sell fake security programs or commonly known as rogue antivirus. Creation of Antispyware Shield Pro aims to deceive users by issuing fake alerts and warnings messages that force users to register the program.
Installing a copy of Antispyware Shield Pro will further harm the computer because it contains several malicious files that may prevent antivirus programs from running. The malware may also block Internet access to known security web to prevent user from downloading Antispyware Shield removal tool.
Screen Shot Image:
Technical Details and Additional Information:
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7
Characteristics (Analysis)
Antispyware Shield Pro claims that it can remove computer threats like Trojan, virus, worm, malware and spyware. However, after thorough diagnostics on its files and components, it clearly signifies that Antispyware Shield Pro is incapable to provide such protection. Its scanning and detection process is purely animated to imitate genuine security software.
The entire scheme is devised in its effort to mislead computer users so that they will commit to purchase the licensed version of Antispyware Shield Pro. This rogue program cannot provide protection and neither remove any threats. It is lack of modules and database to perform sincere virus scan. Therefore, purchasing this program is worthless; its presence may produce harm on the affected computer.
Added Registry Entries:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Restore" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antispyware Shield Pro HKEY_CURRENT_USER\Software\Entire Safe Scripts Ltd\Antispyware Shield Pro HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\antispyshield.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = 0Associated Files and Folders:
C:\Documents and Settings\All Users\Application Data\KLPO921 C:\Documents and Settings\All Users\Application Data\KLPO921\restore.exe C:\Documents and Settings\All Users\Application Data\Microsoft\Restore C:\Documents and Settings\All Users\Application Data\Microsoft\Restore\storage.dat C:\Program Files\Antispyware Shield Pro C:\Program Files\Antispyware Shield Pro\antispyshield.exe C:\Program Files\Antispyware Shield Pro\License.rtf C:\Program Files\Antispyware Shield Pro\uninst.exe %UserProfile%\Desktop\Antispyware Shield Pro.lnk %UserProfile%\Start Menu\Programs\Antispyware Shield Pro %UserProfile%\Start Menu\Programs\Antispyware Shield Pro\Antispyware Shield Pro.lnk %UserProfile%\Start Menu\Programs\Antispyware Shield Pro\Uninstall.lnk
How to Remove Antispyware Shield Pro
1. Kill any running process that belongs to Antispyware Shield Pro.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for the following files and click End Task.
antispyshield.exe, restore.exe
2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit. This will open registry editor.
- Find and delete the following:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Restore"
- Close registry editor. Changes made will be save automatically.
3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please Update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.
4. Delete all files dropped by Antispyware Shield Pro.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Associated Files and Folders.'