间谍软件AntiSpyware Soldier
作者:冠群金辰技术支持
文章来源:

概述
类别
Adware :  在网页上方或后方的弹出广告的软件，此时主用户界面还不可见，或与产品没有什么关联。

发源
发源日期
  2006年12月 

检测和删除
手工删除
按照以下步骤从您的机器删除AntiSpyware Soldier。先备份您的注册表和系统，并设置一个还原点，防止发生错误。
停止运行进程:
利用任务管理器停止以下运行进程：
%program_files%\antispyware soldier\unins000.exe
%program_files%\antispyware soldier\antispysoldier.exe
%program_files%\antispyware soldier\pkill.exe

撤消 DLL 的注册:
使用 Regsvr32 撤销以下 DLLs 的注册，然后重启：
%program_files%\antispyware soldier\bz.dll

清除注册表:
使用注册表编辑器清除以下注册项（如果存在）：
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\antispyware soldier_is1

删除文件:
使用资源管理器删除以下文件（如果存在）：
%program_files%\antispyware soldier\antispysoldier.exe
%program_files%\antispyware soldier\antispysoldier.url
%program_files%\antispyware soldier\antispyware soldier on the web.lnk
%program_files%\antispyware soldier\antispyware soldier.lnk
%program_files%\antispyware soldier\pkill.exe
%program_files%\antispyware soldier\sounds\crit.wav
%program_files%\antispyware soldier\unins000.dat
%desktopdirectory%\antispyware soldier.lnk
%profile%\application data\microsoft\internet explorer\quick launch\antispyware soldier.lnk
%profile%\local settings\application data\antispywaresoldier\db\adesktop_dg.list
%profile%\local settings\application data\antispywaresoldier\db\explorer_dg.list
%profile%\local settings\application data\antispywaresoldier\db\fg_files.list
%profile%\local settings\application data\antispywaresoldier\db\fg_folders.list
%profile%\local settings\application data\antispywaresoldier\db\hijack.patterns
%profile%\local settings\application data\antispywaresoldier\db\hijack.places
%profile%\local settings\application data\antispywaresoldier\db\ie_dg.list
%profile%\local settings\application data\antispywaresoldier\db\ie_rg.list
%profile%\local settings\application data\antispywaresoldier\db\known.db
%profile%\local settings\application data\antispywaresoldier\db\rgexplorer_rg.list
%profile%\local settings\application data\antispywaresoldier\db\rgmisc_rg.list
%profile%\local settings\application data\antispywaresoldier\db\run_backup
%profile%\local settings\application data\antispywaresoldier\db\runcu_sg.list
%profile%\local settings\application data\antispywaresoldier\db\runlm_sg.list
%profile%\local settings\application data\antispywaresoldier\db\snapshots\xxxxxxxx.filesnap
%profile%\local settings\application data\antispywaresoldier\db\spyware.db
%profile%\local settings\application data\antispywaresoldier\db\system_dg.list
%profile%\local settings\application data\antispywaresoldier\db\tracks.db
%profile%\local settings\application data\antispywaresoldier\logs\xx_xx_xxxx_xx_xx_xx_xxx.log
%profile%\local settings\application data\antispywaresoldier\quarantine
%profile%\local settings\application data\antispywaresoldier\settings\settings.txt
%program_files%\antispyware soldier\bz.dll
%program_files%\antispyware soldier\interface\english.lng
%program_files%\antispyware soldier\unins000.exe
%program_files%\antispyware soldier\uninstall antispyware soldier.lnk
%startup%\antispysoldier.lnk

删除目录:
使用资源管理器删除以下目录（如果存在）：
%profile%\local settings\application data\antispywaresoldier
%profile%\local settings\application data\antispywaresoldier\db
%profile%\local settings\application data\antispywaresoldier\logs
%profile%\local settings\application data\antispywaresoldier\settings
%program_files%\antispyware soldier

调查
文件分析
AntiSpyware Soldier

调查方式
间谍软件研究中心