Thursday, January 10, 2008
AntiSpyCheck is another classic example of rogue security application. AntiSpyCheck is a successor of AdProtect Rogue security application.

Screenshot of AntiSpyCheck Website

I must mention that has done lot of work on their website, especially copying and removing a few contents of website. :-)

As the site AntiSpyCheck uses most of the files used by AdProtect but they have changed the names.

Site name:
IP address:
Registrant: Hidden behind

Screenshot of AntiSpyCheck Application

Screenshot of AntiSpyCheck Application nagging message box

The trial version of the application detects many false threats (usually legitimate registry keys) on the system and nags the user to purchase the full version in order to remove the threats detected.

I scanned the installer file from the site:

VirusTotal Scan Result: 3/32 (9.38%)

Avast 4.7.1098.0 2008.01.08 Win32:MailBot-N
Microsoft 1.3109 2008.01.08 Program:Win32/SpyAxe
NOD32v2 2775 2008.01.08 Win32/Adware.AdProtect

I also scanned the main exe file of the application:

Virustotal Scan Result: 6/32 (18.75%)

Avast 4.7.1098.0 2008.01.08 Win32:MailBot-N
F-Prot 2008.01.08 W32/HackTool.CNX
Ikarus T3.1.1.20 2008.01.09 Virus.Win32.Mailbot.N
Panda 2008.01.08 Suspicious file
Prevx1 V2 2008.01.09 Heuristic: Suspicious Self Modifying EXE
Webwasher-Gateway 6.6.2 2008.01.08 Riskware.Fake.SpywareAxe

Stay away from this rogue security application.

Bharath M N

blog comments powered by Disqus