||||
Symantec.com > Security Response > Threats and Risks > TitanShield
PRINT THIS PAGE

TitanShield

Printer Friendly Page

Updated: February 13, 2007 11:50:24 AM
Type: Misleading Application
Publisher: titanshield.com
Risk Impact: Medium
File Names: titanshield.exe,titanshield_setup.exe
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP


When TitanShield is installed, it performs the following actions:
  1. Creates the following files:

    • %ProgramFiles%\TitanShield Antispyware\bz.dll
    • %ProgramFiles%\TitanShield Antispyware\interface\English.lng
    • %ProgramFiles%\TitanShield Antispyware\pkill.exe
    • %ProgramFiles%\TitanShield Antispyware\sounds\crit.wav
    • %ProgramFiles%\TitanShield Antispyware\titanshield.exe
    • %ProgramFiles%\TitanShield Antispyware\titanshield.url
    • %ProgramFiles%\TitanShield Antispyware\unins000.dat
    • %ProgramFiles%\TitanShield Antispyware\unins000.exe
    • C:\Documents and Settings\All Users\Start Menu\Programs\TitanShield Antispyware\TitanShield Antispyware on the Web.lnk
    • C:\Documents and Settings\All Users\Start Menu\Programs\TitanShield Antispyware\TitanShield Antispyware.lnk
    • C:\Documents and Settings\All Users\Start Menu\Programs\TitanShield Antispyware\Uninstall TitanShield Antispyware.lnk
    • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\TitanShield Antispyware.lnk
    • %UserProfile%\Desktop\TitanShield Antispyware.lnk
    • %UserProfile%\\Local Settings\Application Data\TitanShield\DB - This folder contains numerous files.
    • %UserProfile%\Local Settings\Application Data\TitanShield\Logs - This folder contains numerous [Random].log files
    • %UserProfile%\Local Settings\Application Data\TitanShield\Logs - This folder contains items that are Quarantined by the risk.

      Note:
    • %UserProfile% is a variable that refers to the current user's profile folder. By default, this is C:\Documents and Settings\[CURRENT USER] (Windows NT/2000/XP).
    • %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.

  2. Creates the following registry subkeys:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TitanShield Antispyware_is1
    HKEY_ALL_USERS\Software\ADV
    HKEY_ALL_USERS\Software\TitanShield
  3. Gives exaggerated reports of threats present on the computer. The user is then prompted to purchase a registered version of the software in order to remove the reported threats


Search by name
Example: W32.Beagle.AG@mm
Windows 7
Windows Vista Security
©1995 - 2009 Symantec Corporation
Site Map|
Legal Notices|
Privacy Policy|
|
Contact Us|
Global Sites|
License Agreements|
RSS