Technical details:
Categories: Spyware
OverSpy Folders:
[%COMMON_PROGRAMS%]\OverSpy
[%PROGRAMS%]\overspy
[%PROGRAM_FILES%]\overspy
OverSpy Files:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\OverSpy.lnk
[%DESKTOP%]\OverSpy.lnk
[%SYSTEM%]\sysprocs\overspy help.url
[%SYSTEM%]\sysprocs\overspy.exe
[%SYSTEM%]\sysprocs\overspy.url
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\OverSpy.lnk
[%DESKTOP%]\OverSpy.lnk
[%SYSTEM%]\sysprocs\overspy help.url
[%SYSTEM%]\sysprocs\overspy.exe
[%SYSTEM%]\sysprocs\overspy.url
OverSpy Registry Keys:
HKEY_CLASSES_ROOT\clsid\{0e9d1f65-6417-48e3-ac6f-81dc5f99be4e}
HKEY_CLASSES_ROOT\clsid\{a9d098f3-3fd5-3675-a210-58704085a191}
HKEY_CLASSES_ROOT\doublehook.tshellexecutehook
HKEY_CURRENT_USER\software\virtuoza\overspy
HKEY_LOCAL_MACHINE\software\microsoft\esent\process\overspy
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{ae40eba0-2d49-48c9-ba8d-e9f046240f5f}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{ae40eba0-2d49-48c9-ba8d-e9f046240f5f}}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\overspy_is1
OverSpy Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks
OverSpy indications of infection
This symptoms of OverSpy detection are the files, registry, and network communication referenced in the technical details section.Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.
Also Be Aware of the Following Threats:
Remove SCN Toolbar
SoftWAR.ShadowThieft RAT Cleaner
April30 Trojan Symptoms
No comments:
Post a Comment