Remote Helpdesk

Description:	Spyware
Risk Level:	Low
Date of First Occurence:	Thursday, May 22, 2008
Software Developer:	(unknown)
Brief Info:	Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "Remote Helpdesk"

Threat Info

View All

Detected Items

Detected Files: %WINDIR%\Remote Helpdesk Uninstaller.exe MD5: AAC2EA3BE5F4F5F3EF805319CE154C2E Size:151031 MD5: BE1B83ABFAC17A0B4B150C9429FF6DE2 Size:149684 %SystemDiskRoot%\Remote Helpdesk\IT_Machine.exe MD5: 87BB5C5CBDE66CD963C96ED79AAC2EF1 Size:475451 %SystemDiskRoot%\Remote Helpdesk\Copy of remhelp.exe MD5: 8758F9A1694DFA2FF877E0D9C995576C Size:475492 %SystemDiskRoot%\Remote Helpdesk\Copy (3) of remhelp.exe MD5: EB8420123B13D4DF8FB084FEC7CF2CD2 Size:475320 %SystemDiskRoot%\Remote Helpdesk\Copy (2) of remhelp.exe MD5: 52B47E1BABBBAD9285AA7751A065B307 Size:475350 %SystemDiskRoot%\Remote Helpdesk\remhelp.exe MD5: A60338C82FE6D96A6A084413B1422147 Size:431233 %SystemDiskRoot%\Remote Helpdesk\rhdbman.exe MD5: E1E25BF840452C3B8054A02733856FEF Size:903680
Detected Files with variable Filenames: MD5: DADEEC646AF506EF3061C464747B58AF Size: 940032 %SystemDiskRoot%\Remote Helpdesk\remhelpc-old.exe %SystemDiskRoot%\Remote Helpdesk\remhelpc.exe

Detecting items list:

Files by Name %SystemDiskRoot%\Remote Helpdesk\remhelp.chm %SystemDiskRoot%\Remote Helpdesk\remhelp.exe %SystemDiskRoot%\Remote Helpdesk\remhelpc.exe %SystemDiskRoot%\Remote Helpdesk\RemhelpSetup.bat %SystemDiskRoot%\Remote Helpdesk\rhdbman.exe %SystemDiskRoot%\Remote Helpdesk\RHDirectIP.bmp %SystemDiskRoot%\Remote Helpdesk\RHDirectIP.cfg %SystemDiskRoot%\Remote Helpdesk\RHDirectIP_FULL.bmp %SystemDiskRoot%\Remote Helpdesk\RHEmail.bmp %SystemDiskRoot%\Remote Helpdesk\RHEmail_FULL.bmp %SystemDiskRoot%\Remote Helpdesk\RHEmail2.bmp %SystemDiskRoot%\Remote Helpdesk\RHEmail2_FULL.bmp %SystemDiskRoot%\Remote Helpdesk\RHMail.cfg %SystemDiskRoot%\Remote Helpdesk\RHReverseIP.bmp %SystemDiskRoot%\Remote Helpdesk\RHReverseIP.cfg %SystemDiskRoot%\Remote Helpdesk\RHReverseIP_FULL.bmp %SystemDiskRoot%\Remote Helpdesk\RHReverseIP_FULL_PASSWORD.bmp %SystemDiskRoot%\Remote Helpdesk\RHRunning.bmp %SystemDiskRoot%\Remote Helpdesk\RHRunning_FULL.bmp %SystemDiskRoot%\Remote Helpdesk\uninstalldata.exe %START_PROGRAMSALL%\Remote Helpdesk\DB Manager.lnk %START_PROGRAMSALL%\Remote Helpdesk\Remote Helpdesk Client.lnk %START_PROGRAMSALL%\Remote Helpdesk\Remote Helpdesk Help.lnk %START_PROGRAMSALL%\Remote Helpdesk\Remote Helpdesk Server Setup.lnk %START_PROGRAMSALL%\Remote Helpdesk\Remote Helpdesk Server.lnk %START_PROGRAMSALL%\Remote Helpdesk\Uninstall Remote Helpdesk.lnk %APPDATA%\RemoteHelpdesk\macro.dat %APPDATA%\RemoteHelpdesk\processes.dat %START_PROGRAMSALL%\Remote Helpdesk\Uninstall Remote Helpdesk.lnk %WINDIR%\Remote Helpdesk Uninstaller.exe
Files by Directories %SystemDiskRoot%\Remote Helpdesk %START_PROGRAMSALL%\Remote Helpdesk %START_PROGRAMSALL%\Remote Helpdesk
Registry Keys HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Remote Helpdesk HKCU\Software\GID Software\Remote Helpdesk HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Remote Helpdesk

« Go to Software Database

Pesquisar em nosso banco de dados de software

Navegar pelo Banco de dados

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias anteriores sobre malware »