Antispyware Pro 2012

By ESGI Advisor in Rogue Anti-Spyware Program

Antispyware Pro 2012 Description

ESG security researchers classify Antispyware Pro 2012 as a rogue security program. Rogue anti-virus or anti-malware applications are among the most common kinds of malware infections. They are designed to steal money from inexperienced computer users by posing as legitimate security programs and convincing the victim to purchase a nonexistent full version, in this case that of Antispyware Pro 2012. Most Antispyware Pro 2012 infections are installed on a victim’s computer system without that user’s knowledge. ESG security analysts have also observed that Antispyware Pro 2012 is often installed through fake online malware scans that prompt the victim to download and install this fake security program. Computer users who do so do not fully realize that Antispyware Pro 2012 has no real anti-malware capabilities. In fact, computer users who were aware of the extent of Antispyware Pro 2012’s intrusive behavior would not install this fake security program.

Why You Should Avoid Installing Antispyware Pro 2012 on Your Computer System

Antispyware Pro 2012 is usually associated with a Trojan infection and a variety of other malware threats. This Trojan enters the victim’s computer system without the victim’s knowledge and installs Antispyware Pro 2012 surreptitiously. Once installed, Antispyware Pro 2012 starts displaying irritating and misleading error messages and pop-up notifications from the Windows Task Bar. All of these messages claim that the victim’s computer is heavily infected with numerous viruses and Trojans (besides those associated with Antispyware Pro 2012, that is). Antispyware Pro 2012 also runs a fake system scan that shows alarming results. This entire charade is meant to push inexperienced computer users into purchasing a fake ‘full version’ of Antispyware Pro 2012, which is just as useless as its trial version.

Dealing with an Antispyware Pro 2012 Infection

ESG security researchers advise using a reliable, fully updated anti-malware program to detect and remove Antispyware Pro 2012 and all of its associated malware. Some versions of Antispyware Pro 2012 may be associated with malware capable of detecting and disabling legitimate security programs. To prevent this from happening, ESG security analysts recommend either starting up in Safe Mode or booting Windows from an external drive. It may also be necessary to reverse harmful changes made by Antispyware Pro 2012 to the infected computer’s registry, system settings, and web browser preferences.

Type: Rogue AntiSpyware Programs

How Can You Detect Antispyware Pro 2012?

Antispyware Pro 2012 Removal Details

Antispyware Pro 2012 creates the following files in the system:

  • %CommonStartMenu%\Programs\Antispyware Pro 2012.lnk
  • %Desktop%\Antispyware Pro 2012.lnk
  • %AppData%\result.db

Antispyware Pro 2012 creates the following registry entries:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”
  • HKEY_CURRENT_USER\Software\ASProtect
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\emsw.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bisp.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscache.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “EnableLUA” = 0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorUser” = 0
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “UID” = “ypjcmvvgbv”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AluSchedulerSvc.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tfak5.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wnad.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorAdmin” = 0
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net” = “2012-5-12_7”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\init.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rwg.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\patch.exe
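
As an added example (not ESG's code), the following Python function scans a registry export in .reg text format for a subset of the registry indicators listed above, which suits offline review of a hive exported from Safe Mode. The function name, the sample export and the placeholder path inside it are constructed for illustration, and the export is assumed to be already decoded to text.

```python
import re

# Indicators copied from the list above; registry names are case-insensitive,
# so everything is compared in lower case ("policies\system" vs "Policies\System").
IFEO = r"hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options"
IFEO_NAMES = {"emsw.exe", "bisp.exe", "mscache.exe", "aluschedulersvc.exe",
              "tfak5.exe", "wnad.exe", "init.exe", "rwg.exe", "patch.exe"}
KEYS = {r"hkey_current_user\software\asprotect"}
HKCU_CV = r"hkey_current_user\software\microsoft\windows\currentversion"
HKLM_POL = r"hkey_local_machine\software\microsoft\windows\currentversion\policies\system"
VALUES = {  # (key, value name) -> required dword, or None if presence alone counts
    (HKCU_CV + r"\run", "inspector"): None,
    (HKCU_CV + r"\internet settings", "warnonhttpstohttpredirect"): 0,
    (HKLM_POL, "enablelua"): 0,
    (HKLM_POL, "consentpromptbehavioradmin"): 0,
    (HKLM_POL, "consentpromptbehavioruser"): 0,
}

def scan_reg_export(text):
    """Return sorted findings for a .reg-format export (hypothetical helper)."""
    findings, raw, key = set(), None, None
    for line in text.splitlines():
        line = line.strip()
        m = re.fullmatch(r"\[(.+)\]", line)          # "[HKEY_...\Key]" header
        if m:
            raw, key = m.group(1), m.group(1).lower()
            parent, _, leaf = key.rpartition("\\")
            if key in KEYS or (parent == IFEO and leaf in IFEO_NAMES):
                findings.add(raw)
            continue
        m = re.fullmatch(r'"([^"]+)"=(.*)', line)    # "Name"=data
        if m and key and (key, m.group(1).lower()) in VALUES:
            want = VALUES[(key, m.group(1).lower())]
            dword = re.fullmatch(r"dword:([0-9a-fA-F]{8})", m.group(2))
            if want is None or (dword and int(dword.group(1), 16) == want):
                findings.add(raw + " -> " + m.group(1))
    return sorted(findings)

# Constructed sample export; the executable path is a placeholder.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Inspector"="C:\\placeholder\\path.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=dword:00000000
"ConsentPromptBehaviorAdmin"=dword:00000005

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wnad.exe]
'''
```

Calling `scan_reg_export(SAMPLE)` reports the Run entry, the EnableLUA value and the Image File Execution Options key; ConsentPromptBehaviorAdmin is skipped because its sample value is not 0.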

This entry was last updated on 05/22/12 and posted on 05/22/12.

Copyright 2003-2012. Enigma Software Group USA, LLC. All Rights Reserved.