@TheOffice Remote Access

Description: Spyware
Risk Level: Low
Date of First Occurence: Thursday, August 07, 2008
Software Developer: (unknown)
Brief Info: Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent.
Removal: This threat can be removed using "Spyware Terminator"

SCAN & REMOVE NOW »

Geographical Distribution of Threat "@TheOffice Remote Access"

Threat Info

View All

Detected Items

  1. Detected Files: %PROGRAMFILES%\Trispen\@TheOffice\Driver\sshipsec.sys MD5: 7CDC83D804B55669290D9D58FF99359B Size:837508 %PROGRAMFILES%\Trispen\@TheOffice\d2hpopup.ocx MD5: B6AAEF86D819BEF9D5049A8403269661 Size:69632 %PROGRAMFILES%\Trispen\@TheOffice\litediag.exe MD5: E312C1BA7948622FC7931B6E38566585 Size:1159168 %PROGRAMFILES%\Trispen\@TheOffice\GWLite.exe MD5: 19F968093645B1E507D9FC0E532470B5 Size:2895872 %PROGRAMFILES%\TRISPEN\@THEOFFICE\SSHIPM.EXE MD5: 8BF7C1E8CA1BDE80594F6BAE60ED2445 Size:985088
  2. Detected Files with variable Filenames:

Detecting items list:

  1. Files by Name %PROGRAMFILES%\Trispen\@TheOffice\clientlite.exe %PROGRAMFILES%\Trispen\@TheOffice\litediag.exe %PROGRAMFILES%\Trispen\@TheOffice\sshipm.exe %PROGRAMFILES%\Trispen\@TheOffice\Driver\sshipsec.sys %PROGRAMFILES%\Trispen\@TheOffice\Driver\sshvnic3.sys %PROGRAMFILES%\Trispen\@TheOffice\Driver\sshvnic5.sys %PROGRAMFILES%\Trispen\@TheOffice\Driver\vnicia2k.dll %PROGRAMFILES%\Trispen\@TheOffice\Driver\vnicia9x.dll %PROGRAMFILES%\Trispen\@TheOffice\Driver\vniciant.dll %SystemDiskRoot%\Documents and Settings\All Users\Desktop\Connect to the Office.lnk %START_PROGRAMSALL%\@TheOffice Client\About @TheOffice Client.lnk %START_PROGRAMSALL%\@TheOffice Client\Connect to the Office.lnk %START_PROGRAMSALL%\@TheOffice Client\Create User Profile.lnk %START_PROGRAMSALL%\@TheOffice Client\Diagnostic System Information Tool.lnk %START_PROGRAMSALL%\@TheOffice Client\Help.lnk %START_PROGRAMSALL%\@TheOffice Client\Manage Profiles.lnk %SYSDIR%\lite_va_install.exe
  2. Files by Directories %PROGRAMFILES%\Trispen\@TheOffice %START_PROGRAMSALL%\@TheOffice Client
  3. Files by CLSID or Name CLSID=55AFAF41-EADE-11D5-8939-00D0B73CAE5E
  4. Registry Keys HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{04C0DD30-59F2-11DB-9645-0050569C929A} HKLM\SOFTWARE\Trispen

« Go to Software Database