ISpy

Description:	Keylogger
Risk Level:	High
Date of First Occurence:	Tuesday, April 15, 2008
Software Developer:	(unknown)
Brief Info:	Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "ISpy"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\Helper\superfindout.dll MD5: 1ADA2FC3C848B2041C9792B2EF9D1F07 Size:15872 %PROGRAMFILES%\Helper\findsiteonline.dll MD5: 36C81DFA646364217FCF1530E9529513 Size:15872 %PROGRAMFILES%\Helper\1204767872.dll MD5: 819E599CE465AA509C344EF4EB841269 Size:13312 %PROGRAMFILES%\Helper\Helper10.dll MD5: 573D00E14D2883AF99DF9143317155B5 Size:19456 %PROGRAMFILES%\Helper\HWebUpdate.exe MD5: D375D67730A2CCC9AD306409C03D0CC9 Size:3224064 MD5: F38304D14298945A1A30A72DED9F2B7A Size:3018240 %PROGRAMFILES%\Helper\HRenamer.exe MD5: 109FDFE04FE5C3AE15B0DEDAAF148CB1 Size:676864 MD5: A53F3FC8441EA4EF58B56CFA55CE3A33 Size:338944 %PROGRAMFILES%\Helper\HRegViewer.exe MD5: F8511B9BCC5E6C968515988466757974 Size:698880 MD5: 459DC1C122A9DD4B91B54602C6D8F151 Size:634368 %PROGRAMFILES%\Helper\HAccess.dll MD5: 4E3E5D5513A578F71EDD0270A0063C2C Size:5061120 MD5: 6A950DFA49E936A26D45C962E1146B95 Size:3462144 %PROGRAMFILES%\Helper\unins000.exe MD5: 221A272D3268B360B9894DE95DBBCF5C Size:695663 %PROGRAMFILES%\Helper\Helper.exe MD5: 4ECF76ABD8BBFF680A59442E079ADBAB Size:16333312 MD5: BC31EF8FF4AAD010F08F358E2C2A3472 Size:13027840 %PROGRAMFILES%\Helper\Transfer\Transfer.exe MD5: EB7A10CCCAA0B01AD94A5DBBBE7FFE35 Size:3213312 %PROGRAMFILES%\Helper\HDataSetup.exe MD5: 5A89404F973C06A0BB086BAD63DAFC41 Size:1007104 MD5: 87338F825F3DA17AF891A253C4E0920A Size:657920 %PROGRAMFILES%\Helper\Hcheck.exe MD5: 8ABE80F6C54018E15907B93B6708E6F1 Size:2445824 MD5: 871D4561566061A6B6A233F223A4204C Size:1650176 %PROGRAMFILES%\Helper\Backup.exe MD5: 5934B7111F41CDBBA1E3D621707A8A99 Size:2782720 %PROGRAMFILES%\Helper\researcheng.dll MD5: 049C6699BF2B94EC1B7A706F981BF0B1 Size:15872 %PROGRAMFILES%\Helper\Helper9.dll MD5: 7F910AC09BE3D990D47BC738D95C073E Size:19456 %PROGRAMFILES%\Helper\UNWISE.EXE MD5: 973567B98CDFC147DF4E60471D9DF072 Size:153088 %PROGRAMFILES%\Helper\backup.exe MD5: F517E87D551A61831D455392194760DB Size:2192384 %PROGRAMFILES%\Helper\1201357287.dll MD5: CA650AEBB0C2F5100BABD586FEEBC4B3 Size:15872 %PROGRAMFILES%\Helper\mattsearch.dll MD5: AA004C95DCCF00823793803E99306F9C Size:15360 %PROGRAMFILES%\Helper\findsitedirect.dll MD5: 113797B38E25D7861AF37DDA2BF43406 Size:15872 %SYSDIR%\cat.dll MD5: E3EAC972BDA8D8AF31FC93D4F4ABD3A9 Size:95744 %PROGRAMFILES%\Helper\prolooker.dll MD5: 0E0697044E86BFCABE21EB738B6DB329 Size:15872 %PROGRAMFILES%\Helper\prosearchsite.dll MD5: 4AAA70B2D8990FF8C003D02C3450DF58 Size:13824
Detected Files with variable Filenames: MD5: 6C234CA9F443D5816350C2A3E5BD673B Size: 12800 %PROGRAMFILES%\Helper\1201902705.dll %PROGRAMFILES%\Helper\1201981249.dll.ren MD5: 4C26FEC6C8FA9B4102989CC37E089E1C Size: 12800 %PROGRAMFILES%\Helper\1202512131.dll %PROGRAMFILES%\Helper\1202512121.dll MD5: FCD9D990AB52B05A61494F26CA1AA534 Size: 13312 %PROGRAMFILES%\Helper\1205521916.dll %PROGRAMFILES%\Helper\1205521718.dll

Detecting items list:

Files by Name %START_PROGRAMS%\Help\I-Spy on the Web.lnk %START_PROGRAMS%\Help\I-Spy.lnk %START_PROGRAMS%\Help\Read Me First.lnk %START_PROGRAMS%\Help\Uninstall I-Spy.lnk %DESKTOP%\I-Spy.lnk %ProgramFiles%\Helper\Help.exe %ProgramFiles%\Helper\I-Spy.url %ProgramFiles%\Helper\min.dat %ProgramFiles%\Helper\readme.txt %ProgramFiles%\Helper\unins000.dat %ProgramFiles%\Helper\unins000.exe %sysdir%\cat.dll %Windir%\ispy.dll
Files by Directories %ProgramFiles%\Helper
Registry Keys HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I-Spy
Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=ISHelp

« Go to Software Database

Pesquisar em nosso banco de dados de software

Navegar pelo Banco de dados

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias anteriores sobre malware »