iRemotePC

Description:	Spyware
Risk Level:	Low
Date of First Occurence:	Wednesday, April 23, 2008
Software Developer:	(unknown)
Brief Info:	Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent.
Removal:	This threat can be removed using "Spyware Terminator"

SCAN & REMOVE NOW »

Geographical Distribution of Threat "iRemotePC"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\iRemotePC\iRemotePCAutoUpdater.exe MD5: CB1E2D888CA17B7FE5C19CDC56DB9D4F Size:192000 MD5: 3B3D9F7ACD17F034EBD0A2165D4F2FC2 Size:193024 %PROGRAMFILES%\iRemotePC\Zip32.dll MD5: 5B25690CC2E55A6D4BC965068A7BA1EF Size:147456 %PROGRAMFILES%\iRemotePC\UnZip32.dll MD5: 5ED1BA3E2DA053E024378EAAB62C531F Size:98304 %PROGRAMFILES%\iRemotePC\RestartiRemotePC.exe MD5: 81ADC93BB7B5D4FEEB7D4555816E0149 Size:45056 MD5: 921E311F31CA3791847D800680A835C6 Size:40960 %PROGRAMFILES%\iRemotePC\msvcr70.dll MD5: 9972A6ED4F2388DBFA8E0A96F6F3FDF1 Size:344064 %PROGRAMFILES%\iRemotePC\logmessages.dll MD5: B1BED581897644B07966F6CB1D062B06 Size:1536 MD5: 693FD7854199A2252DE343C3DB3C4B72 Size:1536 %PROGRAMFILES%\iRemotePC\ldapauthnt4.dll MD5: B85C7766F59F60F4ADEB90BD6986B55F Size:90112 MD5: 0F7C9889D519D33FCE7C6CE004A75025 Size:94208 %PROGRAMFILES%\iRemotePC\ldapauth.dll MD5: 74C32F3462C545DC6373F7172D5E8591 Size:90112 MD5: 8C7891BF6A4C4403C0438B1745141324 Size:94208 %PROGRAMFILES%\iRemotePC\ldapauth9x.dll MD5: C4198F3BE96B89C0ED7609AA1720B717 Size:90112 MD5: DD477364BE513C9479469AF9638D75CE Size:94208 %PROGRAMFILES%\iRemotePC\iremotepchooks.dll MD5: 2C476D295CD66A9327B42DA3D0D22B44 Size:77824 %PROGRAMFILES%\iRemotePC\authlogonuser.dll MD5: 0636821A8C6C12DC72EDBF2364043D39 Size:73728 %PROGRAMFILES%\iRemotePC\authad.dll MD5: 9545435CF44FE14E8AE16781A39585CD Size:90112 %PROGRAMFILES%\iRemotePC\auth.dll MD5: AB2286998ADD97147F87EB28D9501940 Size:98304 %PROGRAMFILES%\IREMOTEPC\IREMOTEPC.EXE MD5: 517A7ED6E45F2DB6356D22F850195E76 Size:2539520 MD5: BCB9D6B302E7D20C538CBBFAF0522AA7 Size:688128 %PROGRAMFILES%\iRemotePC\videodriver\vnchelp.dll MD5: D06C4BAE134961180B439C49A1A82240 Size:5760 %PROGRAMFILES%\iRemotePC\videodriver\vncdrv.sys MD5: 4EC979B157D1AA075330362ACB5424E5 Size:4736 %PROGRAMFILES%\iRemotePC\videodriver\vncdrv.dll MD5: E07079006AE1A1C7078B73006A510196 Size:12800 %PROGRAMFILES%\iRemotePC\videodriver\vnccom.sys MD5: B67632451F760797BB183E1FB99F4B39 Size:6016 %PROGRAMFILES%\iRemotePC\videodriver\setupdrv.exe MD5: D5B8E2378BED33414E80273CAD6F3AF1 Size:65536 %PROGRAMFILES%\iRemotePC\proxyread.exe MD5: F5A7CE6E5BB1C3D821EF43AC0466E17F Size:34304 %PROGRAMFILES%\iRemotePC\logging.dll MD5: 4451B1B74E62BD32620AB1D11057F8E3 Size:81920
Detected Files with variable Filenames: MD5: 17FA7EE9C39B08C570F353F1E32F9E3E Size: 155648 %PROGRAMFILES%\iRemotePC\SSLeay32.dll %PROGRAMFILES%\iRemotePC\SSLEAY32.dll.ren MD5: 8085A7221B1CA6DC5BE44E029C7EB9E7 Size: 17408 %PROGRAMFILES%\iRemotePC\psapi.dll %PROGRAMFILES%\iRemotePC\psapi.dll.ren MD5: 2949219BEEFCD38C129E4767650DD986 Size: 348160 %PROGRAMFILES%\iRemotePC\msvcr71.dll %PROGRAMFILES%\iRemotePC\msvcr71.dll.ren MD5: E67CF9A73882F81AB87B4CA0169F36A5 Size: 831488 %PROGRAMFILES%\iRemotePC\libeay32.dll %PROGRAMFILES%\iRemotePC\LIBEAY32.dll.ren MD5: 2661DAE4AF7FF048D034DBC4B64FDB35 Size: 303616 %PROGRAMFILES%\iRemotePC\msvcp71.dll %PROGRAMFILES%\iRemotePC\msvcp71.dll.ren MD5: 9F7FFD289C6BE2B963EC7A69AC8ED71B Size: 450048 %PROGRAMFILES%\iRemotePC\mfc71.dll %PROGRAMFILES%\iRemotePC\mfc71.dll.ren MD5: 597CBB07778686B3CB7CD8178FE0B699 Size: 1404928 %PROGRAMFILES%\iRemotePC\IRPCCore.dll %PROGRAMFILES%\iRemotePC\IRPCCore.dll.ren MD5: 460B4DD91C9A222617DFEE6FC9352654 Size: 114688 %PROGRAMFILES%\iRemotePC\IRPCCommunicationLayer.dll %PROGRAMFILES%\iRemotePC\IRPCCommunicationLayer.dll.ren MD5: BCB9D6B302E7D20C538CBBFAF0522AA7 Size: 688128 %PROGRAMFILES%\IREMOTEPC\IREMOTEPC.EXE %PROGRAMFILES%\iRemotePC\iremotepc.exe.ren

Detecting items list:

Files by Name %PROGRAMFILES%\iRemotePC\auth.dll %PROGRAMFILES%\iRemotePC\authad.dll %PROGRAMFILES%\iRemotePC\authlogonuser.dll %PROGRAMFILES%\iRemotePC\iRemotePC.exe %PROGRAMFILES%\iRemotePC\iRemotePCAutoUpdater.exe %PROGRAMFILES%\iRemotePC\iremotepchooks.dll %PROGRAMFILES%\iRemotePC\ldapauth.dll %PROGRAMFILES%\iRemotePC\ldapauth9x.dll %PROGRAMFILES%\iRemotePC\ldapauthnt4.dll %PROGRAMFILES%\iRemotePC\libeay32.dll %PROGRAMFILES%\iRemotePC\logmessages.dll %PROGRAMFILES%\iRemotePC\RestartiRemotePC.exe %PROGRAMFILES%\iRemotePC\SSLeay32.dll %SystemDiskRoot%\Documents and Settings\All Users\Desktop\iRemotePC.exe.lnk %START_PROGRAMSALL%\iRemotePC\iRemotePC.exe.lnk %START_PROGRAMSALL%\iRemotePC\Uninstall.lnk
Files by Directories %PROGRAMFILES%\iRemotePC %START_PROGRAMSALL%\iRemotePC
Registry Keys HKLM\SOFTWARE\iRemotePC HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{01E342A9-35B3-413D-ABC8-CF4A23ABD0C0}
Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=iRemotePC

« Go to Software Database

Search in Our Software Database

Browse Software Database

Latest Malware News

September 23, 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Older malware news »