PCSpyKeylogger
|
Description:
|
Adware
|
|
Risk Level:
|
High
|
|
Date of First Occurence:
|
Tuesday, May 13, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
PCSpyKeylogger - Software that is displaying pop-up/pop-under windows containing advertisements when the primary user interface is not visible or displayed advertisements are not related to the product.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
REMOVER SPYWARE »
Geographical Distribution of Threat "PCSpyKeylogger"
Threat Info
View All
Detected Items
- Detected Files:
%PROGRAMFILES%\PSK\unins000.exe
MD5: 7F1F1E05A30A027583FF3406F48A4690 Size:640957
%PROGRAMFILES%\PSK\DLLs\ToolKeyloggerDLL.dll
MD5: 9E0C125287277E4215E6E0F26867CCDB Size:184320
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%programfiles%\PSK\ToolKeylogger.exe
%programfiles%\PSK\ToolKeylogger.xml
%programfiles%\PSK\unins000.dat
%programfiles%\PSK\Buy.url
%programfiles%\PSK\Help.url
%programfiles%\PSK\Home.url
%programfiles%\PSK\unins000.exe
%programfiles%\PSK\ToolKeylogger.language
%programfiles%\PSK\Images\Screen.gif
%programfiles%\PSK\Images\Password.gif
%programfiles%\PSK\Images\Keystroke.gif
%programfiles%\PSK\Images\Clipboard.gif
%programfiles%\PSK\Images\BlockExe.gif
%programfiles%\PSK\Images\Application.gif
%programfiles%\PSK\DLLs\ToolKeyloggerDLL.Language
%programfiles%\PSK\DLLs\ToolKeyloggerDLL.dll
%programfiles%\PSK\DLLs\jmail.dll
%START_PROGRAMSALL%\PC Spy Keylogger\Help Online.lnk
%START_PROGRAMSALL%\PC Spy Keylogger\Homepage.lnk
%START_PROGRAMSALL%\PC Spy Keylogger\PC Spy Keylogger.lnk
%START_PROGRAMSALL%\PC Spy Keylogger\Purchase.lnk
- Files by MD5
MD5: 10B3E5DF537B4AEC7704E8B45AEB9AEB Size: 1517728
MD5: 289FD4333C7DCF3259D934B888CB4781 Size: 2007040
- Files by Directories
%START_PROGRAMSALL%\PC Spy Keylogger
%programfiles%\PSK\Data\ToolKeylogger
- Files by CLSID or Name
CLSID=17B307BE-B2EC-43E8-8605-5E1F257273B1
CLSID=5388D0EE-ACE4-4C4D-8532-72F234399AEB
CLSID=60FB8D96-D4E9-461B-81A1-2356040B73E5
CLSID=A9676C29-ED6E-4C33-9295-8BC13CD3947D
CLSID=B44432C2-4D5C-4495-AC72-55A39917142C
CLSID=B7385BC9-4857-471B-9E06-CF2807288633
CLSID=BA7A51FA-04F1-45CB-B493-36AD46950432
CLSID=C080FFDA-6D65-4F98-BA30-89A340FC2C2C
CLSID=C610B319-5EF8-4302-AC99-4580932A5957
CLSID=E27D817E-A07E-481D-B449-48F83D7A18F4
- Registry Keys
HKCR\ToolKeyloggerDLL.Application.1
HKCR\ToolKeyloggerDLL.Application
HKCR\ToolKeyloggerDLL.BlockExe.1
HKCR\ToolKeyloggerDLL.BlockExe
HKCR\ToolKeyloggerDLL.Clipboard.1
HKCR\ToolKeyloggerDLL.Clipboard
HKCR\ToolKeyloggerDLL.Hotkey.1
HKCR\ToolKeyloggerDLL.Hotkey
HKCR\ToolKeyloggerDLL.Keyboard.1
HKCR\ToolKeyloggerDLL.Keyboard
HKCR\ToolKeyloggerDLL.LogToFTP.1
HKCR\ToolKeyloggerDLL.LogToFTP
HKCR\ToolKeyloggerDLL.LogToMail.1
HKCR\ToolKeyloggerDLL.LogToMail
HKCR\ToolKeyloggerDLL.Password.1
HKCR\ToolKeyloggerDLL.Password
HKCR\ToolKeyloggerDLL.Screen.1
HKCR\ToolKeyloggerDLL.Screen
HKCR\ToolKeyloggerDLL.TaskList.1
HKCR\ToolKeyloggerDLL.TaskList
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Spy Keylogger_is1
- Registry Values
HKLM\Software\Microsoft\Windows\CurrentVersion\Run ValueName=PC Spy Keylogger Value=%programfiles%\PSK\ToolKeylogger.exe
«
Go to Software Database
