Instant Message Grabber
Description: Keylogger
Risk Level: Low
Date of First Occurrence: Tuesday, May 13, 2008
Software Developer: (unknown)
Brief Info: Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
Removal: This threat can be removed using "Spyware Terminator"
Detected Items
- Detected Files:
%SYSDIR%\unIMG.exe
%PROGRAMFILES%\Instant Message Grabber 2.x\IMViewer.exe
%WINDIR%\i2u_close.dll
%PROGRAMFILES%\Instant Message Grabber 2.x\IMG.exe
%SYSDIR%\G2Helper.exe
%WINDIR%\imgs.exe
%WINDIR%\i2u_aim.dll
%WINDIR%\i2c_aim.dll
%WINDIR%\i2g_move.dll
%WINDIR%\i2g_cap.dll
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%PROGRAMFILES%\Instant Message Grabber 2.?\IMGrabber2.exe
%PROGRAMFILES%\Instant Message Grabber 2.?\IMViewer.exe
%DESKTOP%\Instant Message Viewer.lnk
%START_PROGRAMS%\Instant Message Grabber\Instant Message Viewer.lnk
%START_PROGRAMS%\Instant Message Grabber\Uninstall.lnk
%WINDIR%\imgs.exe
%SYSDIR%\G2Helper.exe
%SYSDIR%\unIMG.exe
%SYSDIR%\IMViewer.lnk
%WINDIR%\i2c_aim.dll
%WINDIR%\i2g_cap.dll
%WINDIR%\i2g_move.dll
%WINDIR%\i2u_aim.dll
%WINDIR%\i2u_close.dll
- Files by Directories
%PROGRAMFILES%\Instant Message Grabber 2.?
%START_PROGRAMS%\Instant Message Grabber
- Registry Keys
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Instant Message Grabber
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMG2
HKLM\SYSTEM\ControlSet001\Services\MGS
HKLM\SYSTEM\ControlSet002\Services\MGS
HKLM\SYSTEM\CurrentControlSet\Services\MGS
- Registry Values
HKCU\Software\Microsoft\Windows\CurrentVersion\Run ValueName=IMViewer
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=IMGrabber2