OverSpy
|
Description:
|
Keylogger
|
|
Risk Level:
|
Critical
|
|
Date of First Occurence:
|
Friday, May 30, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
ENTFERNEN SPYWARE »
Geographical Distribution of Threat "OverSpy"
Threat Info
View All
Detected Items
- Detected Files:
%PROGRAMFILES%\OVERSPY\OVERSPY.EXE
MD5: FFFC0C286B8E1949381F1FA8571D39B2 Size:1090942
%PROGRAMFILES%\OverSpy\HOOK.DLL
MD5: 9BA2511A28BEA5A477F82BF7DFD00469 Size:345600
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\OverSpy.lnk
%DESKTOP%\OverSpy.lnk
%START_PROGRAMSALL%\OverSpy\OverSpy Help.lnk
%START_PROGRAMSALL%\OverSpy\OverSpy on the Web.lnk
%START_PROGRAMSALL%\OverSpy\OverSpy.lnk
%START_PROGRAMSALL%\OverSpy\Uninstall OverSpy.lnk
%ProgramFiles%\OverSpy\Config.xml
%ProgramFiles%\OverSpy\config.~xml
%ProgramFiles%\OverSpy\Hook.dll
%ProgramFiles%\OverSpy\OverSpy Help.url
%ProgramFiles%\OverSpy\OverSpy.exe
%ProgramFiles%\OverSpy\OverSpy.url
%ProgramFiles%\OverSpy\unins000.dat
%ProgramFiles%\OverSpy\unins000.exe
%ProgramFiles%\OverSpy\UninsHs.dat
%ProgramFiles%\OverSpy\UninsHs.exe
- Files by Directories
%ProgramFiles%\OverSpy
%START_PROGRAMSALL%\OverSpy
- Registry Keys
HKCU\Software\Virtuoza\OverSpy
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OverSpy_is1
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=scvhost
«
Go to Software Database
