CyberSieve
|
Description:
|
Keylogger
|
|
Risk Level:
|
Low
|
|
Date of First Occurence:
|
Tuesday, May 13, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SCAN & REMOVE NOW »
Geographical Distribution of Threat "CyberSieve"
Threat Info
View All
Detecting items list:
- Files by Name
%START_PROGRAMS%\CyberSieve\CyberSieve.lnk
%START_PROGRAMS%\CyberSieve\Manual.lnk
%START_PROGRAMS%\CyberSieve\SoftForYou Web Site.lnk
%SYSDIR%\cyber\CSCP.exe
%SYSDIR%\cyber\CSNotify.exe
%SYSDIR%\cyber\cssp.dll
%SYSDIR%\cyber\CSSPInst.exe
%SYSDIR%\cyber\CSSvc.exe
%SYSDIR%\cyber\CSSvr.exe
%SYSDIR%\cyber\csun.exe
%SYSDIR%\cyber\msippos.dat
%SYSDIR%\cyber\mssavt.dat
%SYSDIR%\cyber\mssctm.dat
%SYSDIR%\cyber\mssdtls.dat
%SYSDIR%\cyber\mssfng.dat
%SYSDIR%\cyber\mssusr.dat
%SYSDIR%\cyber\msswgs.dat
%SYSDIR%\cyber\sf1ursyJ.dat
%SYSDIR%\cyber\sf9rtMvM.dat
%SYSDIR%\cyber\sfbVTPWj.dat
%SYSDIR%\cyber\sfCJATvk.dat
%SYSDIR%\cyber\sffQtMfD.dat
%SYSDIR%\cyber\sfkIp6iT.dat
%SYSDIR%\cyber\sfLU5JR7.dat
%SYSDIR%\cyber\sfqNpJBA.dat
%SYSDIR%\cyber\sfR0OCJG.dat
%SYSDIR%\cyber\sftOGlIF.dat
- Files by Directories
%PROGRAMFILES%\CyberSieve %PROGRAMFILES%\CyberSieve\Warn %START_PROGRAMS%\CyberSieve
%SYSDIR%\cyber
- Registry Keys
HKLM\SYSTEM\ControlSet001\Services\CSSvc
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ValueName=CS
HKLM\SYSTEM\ControlSet001\Services\CSSvc ValueName=DependOnGroup
HKLM\SYSTEM\ControlSet001\Services\CSSvc ValueName=DependOnService
HKLM\SYSTEM\ControlSet001\Services\CSSvc ValueName=DisplayName
HKLM\SYSTEM\ControlSet001\Services\CSSvc ValueName=ErrorControl
HKLM\SYSTEM\ControlSet001\Services\CSSvc ValueName=ImagePath
HKLM\SYSTEM\ControlSet001\Services\CSSvc ValueName=ObjectName
HKLM\SYSTEM\ControlSet001\Services\CSSvc ValueName=Start
HKLM\SYSTEM\ControlSet001\Services\CSSvc ValueName=Type
HKLM\SYSTEM\CurrentControlSet\Services\CSSvc ValueName=DependOnGroup
HKLM\SYSTEM\CurrentControlSet\Services\CSSvc ValueName=DependOnService
HKLM\SYSTEM\CurrentControlSet\Services\CSSvc ValueName=DisplayName
HKLM\SYSTEM\CurrentControlSet\Services\CSSvc ValueName=ErrorControl
HKLM\SYSTEM\CurrentControlSet\Services\CSSvc ValueName=ImagePath
HKLM\SYSTEM\CurrentControlSet\Services\CSSvc ValueName=ObjectName
HKLM\SYSTEM\CurrentControlSet\Services\CSSvc ValueName=Start
HKLM\SYSTEM\CurrentControlSet\Services\CSSvc ValueName=Type
«
Go to Software Database