SafeSurfing

Description:	Spyware
Risk Level:	High
Date of First Occurence:	Thursday, April 24, 2008
Software Developer:	Avenue Media, NV.
Brief Info:	SafeSurfing monitors browsing habits.
Removal:	This threat can be removed using "Spyware Terminator"

ENTFERNEN SPYWARE »

Geographical Distribution of Threat "SafeSurfing"

Threat Info

View All

Detected Items

Detected Files: %TEMP%\ExtractDLL.dll MD5: D4F87D459A8A538C1D9DD7C12B48A2B0 Size:9728 %SYSDIR%\regsync.exe MD5: 47957457727D2A2BD765965EC466E0D2 Size:37719 MD5: A78C9754CF637E4151C83C48B621D6EB Size:32768 %SYSDIR%\InstallerV3.exe MD5: 91C3FB3F54C6A99AEC7FB028F40FAF39 Size:62103 MD5: 7BB92A15195D8AC3E459C605C2F1C41E Size:68016 MD5: CE6E35B6ADBEF5ED769CDF12B8AA1B2E Size:55776 %SYSDIR%\netsync.exe MD5: C3FD989C925FE396CA90CC16017530E1 Size:32768 MD5: 6B47E381A05865A97A7C6F5381E55FF2 Size:32768 %SYSDIR%\VBUninstall.exe MD5: 45A9B6EE53161BC274EFCD40A787CEED Size:40094 %SYSDIR%\redtrsha.dll MD5: 455AA9ECDC0CDDED0D489B6481B40D91 Size:417792 %SYSDIR%\richup.exe MD5: EC605D1440C89427FE56300E83941281 Size:32768 %SYSDIR%\richedtr.dll MD5: 4136F8CC10CBB1A437F1533ED9E8362C Size:225280 %SYSDIR%\lanbruns.exe MD5: 50C13FF716BDC2E34BD14FC6943A0691 Size:45993 %SYSDIR%\wirelanb.dll MD5: 1C79B21A086F7ABE8F829DFA2ECF6072 Size:417792
Detected Files with variable Filenames: MD5: 9AC0A5E50B8B19398CD0AFDCF96A1428 Size: 32768 %SYSDIR%\lanbrup.exe %TEMP%\labpengs.tmp

Detecting items list:

Files by Name %Windir%\netsync.exe %sysdir%\netsync.exe %Sysdir%\regsync.exe %Sysdir%\richup.exe %Sysdir%\lanbrup.exe %Windir%\asbltzun.exe %Windir%\rsyncmon.dll %Windir%\ISSM0064.DAT %Sysdir%\COMMCOS2.DLL %Sysdir%\InstallerV3.exe %Sysdir%\richedtr.dll %Sysdir%\redtrsha.dll %Sysdir%\vbrundll.dll %Sysdir%\VBUninstall.exe %Sysdir%\wirelanb.dll %Sysdir%\lanbrup.exe %Sysdir%\lanbruns.exe %Temp%\labpengs.tmp %Temp%\ExtractDLL.dll
Files by CLSID or Name CLSID=16B238D5-80DE-47CE-8F17-B3ECE2C2248D CLSID=197B8CA4-E215-46DD-8F33-E0544A80E5C4 CLSID=71D1708F-973D-4600-AF01-AD86688403AE CLSID=0A0CB91F-304B-44AD-9460-9C55465163A4 CLSID=2AB7A3C6-9D09-428C-AA65-07BD49FB7065 CLSID=32A9D21F-F510-44DC-9EA6-0456EDA04668 CLSID=4562B6F3-DAF8-464E-87B7-5464575F0D6A CLSID=57CB9B97-9FF9-4C87-88A4-56A867FFC95E CLSID=DA4B919F-B757-4E32-8D79-DEC5C2704C4B CLSID=F1AD96E6-E575-44D9-9BBF-F3FDCF06C454 CLSID=00DC9FF2-EA77-49C7-8DEF-722FD81CAB59 CLSID=227D1E33-EAD4-4ACE-BE32-4ACFAAD072DD CLSID=33ADD70F-53AB-4F97-B4B6-997881820F6D CLSID=34A35BBB-8C19-4482-864C-290BD8DD6A5D CLSID=F79A2C4B-8776-4ED7-8B2F-4786A4A3500A
Registry Keys HKLM\SOFTWARE\RSyncMon HKLM\SOFTWARE\VBRun HKLM\SOFTWARE\Lanbridge HKLM\SOFTWARE\SafeSurfing HKLM\SOFTWARE\RichEd

« Go to Software Database

Suchen Sie unsere Software Datenbank

Surfen Sie die Software Datenbank

Neueste Malware Nachrichten

23. September 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Ältere Malware Nachrichten »