New Rogue! Antispyware Pro 2009

by Albin on March 6th, 2009 in Rogues, Security Alerts.

Antispyware Pro 2009 is a new rogue anti-spyware application. It will give exaggerated threat reports on the compromised computer then ask the user to purchase a registered version to remove threats which don't exist.

Antispyware Pro 2009 installs the following files, folders and registry entries:

Files

ASProSB.dll

ASpyProPUBlk.dll

AntiSpyware Pro.exe

Folders

%ProgramFiles%Antispyware Pro

%CommonPrograms%Antispyware Pro

RegistryEntries

Key: HKEY_CURRENT_USER\Software\AntiSpyware Pro
Value:
Data:

Key: HKEY_CLASSES_ROOT\CLSID\{66B643BE-5E94-4569-B93E-CE2636848AC8}
Value:
Data:

Key: HKEY_CLASSES_ROOT\CLSID\{6D1CD63B-2FD7-48AA-ADA9-C847829A22AD}
Value:
Data:

Key: HKEY_CLASSES_ROOT\CLSID\{BFD7B5CD-F8CB-4E26-A406-CC5B655F4815}
Value:
Data:

Key: HKEY_CLASSES_ROOT\Interface\{EC4C2EAC-A823-42D4-9675-3D286A281BF5}
Value:
Data:

Key: HKEY_CLASSES_ROOT\TypeLib\{7FA7E4D2-5EA2-4B67-8A04-661663F3DBE9}
Value:
Data:

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66B643BE-5E94-4569-B93E-CE2636848AC8}
Value:
Data:

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiSpyware Pro
Value:
Data:

Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: AntiSpyware Pro
Data: "C:\Program Files\AntiSpyware Pro\AntiSpyware Pro.exe" hide