SpyPC
|
Description:
|
Keylogger
|
|
Risk Level:
|
Critical
|
|
Date of First Occurence:
|
Tuesday, May 13, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SUPPRIMER SPYWARE »
Geographical Distribution of Threat "SpyPC"
Threat Info
View All
Detected Items
- Detected Files:
%SYSDIR%\Odccll.dll
MD5: 4D78E0C72DEDABE6F283370323274D02 Size:2502656
MD5: D41D8CD98F00B204E9800998ECF8427E
%SYSDIR%\Cmrsl.dll
MD5: 740A2927F92BD98F45596E3B47AA561D Size:1078
- Detected Files with variable Filenames:
MD5: 838E0E11103ED15A6BFE510488A80212 Size: 36864
%SYSDIR%\Fdxxl.exe
%SYSDIR%\Commh32.exe
Detecting items list:
- Files by Name
%sysdir%\Cmrsl.dll
%sysdir%\Commh32.exe
%sysdir%\Fdxxl.exe
%sysdir%\Llccj.dll
%sysdir%\Msshll.exe
%sysdir%\Msx.sys
%sysdir%\Odccll.dll
%sysdir%\Sccssdr.dll
%sysdir%\Scnex.exe
%sysdir%\Sysboot.bak
%sysdir%\XScn.dll
%Windir%\Oxpll.exe
%START_PROGRAMS%\spyPC\SpyPC Help.lnk
%START_PROGRAMS%\spyPC\spyPC.lnk
- Registry Keys
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\spyPC
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=Comm Driver
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices ValueName=SysPilot
«
Go to Software Database
