Parent Tools for Yahoo! Messenger

Description:	Keylogger
Risk Level:	Low
Date of First Occurence:	Monday, April 14, 2008
Software Developer:	(unknown)
Brief Info:	Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
Removal:	This threat can be removed using "Spyware Terminator"

ENTFERNEN SPYWARE »

Geographical Distribution of Threat "Parent Tools for Yahoo! Messenger"

Threat Info

View All

Detected Items

Detected Files: %SYSDIR%\IGTabs40.ocx MD5: D8D9B2C51406D366E443746E1786CD80 Size:299008 MD5: B4DB223961C9592A5C28B78D1B0DC2E1 Size:299008 MD5: 0084296AA52B377556749B251C00012F Size:303104 MD5: D0C8CAA212A2C871ADAA30322ADC0688 Size:299008 MD5: 3045BC25E23A3A95FB5CDA2FBFBE8918 Size:299008 MD5: C5C6FC0DEC55B8E8374CE2488C41C14C Size:299008 MD5: D31D983DCF76755A906D20906AC2B9E3 Size:303107 MD5: 61AFDD3A661A4828547FBA518192483C Size:299008 MD5: D0C8CAA212A2C871ADAA30322ADC0688 MD5: 81BADABDFF8FF795BCA36AA97D2A7AFD Size:299008 MD5: 4A52D08DFD8B922E2DBDFC80AC9CF8C5 Size:299008 MD5: C046E4F78BBA67E020396563CA80A8E4 Size:303104 and more.... %SYSDIR%\IgniteBtn.ocx MD5: D7F6875F1D1D6304F924845146BEDFD1 Size:69632 %SYSDIR%\IGTabs40.ocx MD5: 73D8BD2371CEC53D2FAF4F036FC65E22 Size:299008
Detected Files with variable Filenames:

Detecting items list:

Files by Name %SYSDIR%\ptymrn32\acl.bat %SYSDIR%\ptymrn32\rtc.dat %SYSDIR%\ptymrn32\svchost.exe %SYSDIR%\ptymrn32\sysrndrvym.exe %SYSDIR%\ptymrn32\sysrndvw.exe %SYSDIR%\ptymrn32\unins000.dat %SYSDIR%\ptymrn32\unins000.exe %SYSDIR%\IgniteBtn.ocx %SYSDIR%\IGTabs40.ocx
Files by Directories %SYSDIR%\ptymrn32
Files by CLSID or Name CLSID=BA53B1E2-870E-4C7E-BB66-88880C332317
Registry Keys HKCU\Software\Ignite Software\Parent Tools Yahoo HKCU\Software\Ignite Software\Parent Tools Yahoo\Local HKCR\IgniteBtn.AOLButton HKLM\SOFTWARE\Ignite Software\Parent Tools Yahoo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Parent Tools for Yahoo! Messenger_is1
Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=sysrndrvym

« Go to Software Database

Suchen Sie unsere Software Datenbank

Surfen Sie die Software Datenbank

Neueste Malware Nachrichten

23. September 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Ältere Malware Nachrichten »