Spyware.ISpyNow monitors files, network traffic, and keystrokes

 
|

Spyware.ISpyNow monitors files, network traffic, and keystrokes

Spyware.ISpyNow is a Spyware virus with High-Risk impact gives the person who installed it a Web-based interface with summaries of logged information on the host computer.

When Spyware.Ispynow runs, it performs the following actions:

  1. Creates the following files:
    * %UserProfile%\Start Menu\Programs\iSpyNOW\Help Documentation.lnk
    * %UserProfile%\Start Menu\Programs\iSpyNOW\iSpyNOW Tray Companion.lnk
    * %UserProfile%\Start Menu\Programs\iSpyNOW\License Agreement.lnk
    * %UserProfile%\Start Menu\Programs\iSpyNOW\Readme.lnk
    * %UserProfile%\Start Menu\Programs\iSpyNOW\Remove iSpyNOW.lnk
    * %UserProfile%\Start Menu\Programs\iSpyNOW\Visit the Official iSpyNOW Website.lnk
    * %ProgramFiles%\ISN\header.gif
    * %ProgramFiles%\ISN\isnhelp.htm
    * %ProgramFiles%\ISN\isn_builder.exe
    * %ProgramFiles%\ISN\license.txt
    * %ProgramFiles%\ISN\Readme.txt
    * %ProgramFiles%\ISN\uninstal.log
    * %ProgramFiles%\ISN\Visit the Official iSpyNOW Website.url
    * %Windir%\isntrayopt.dat
    * %Windir%\softmod32.exe
    Note:
    * %UserProfile% is a variable that refers to the current user’s profile folder. By default, this is C:\Documents and Settings\[CURRENT USER] (Windows NT/2000/XP).
    * %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.
    * %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows (Windows 95/98/Me/XP) or C:\Winnt (Windows NT/2000).
  2. Creates the following file, if it is not already present on the system:
    * %Windir%\unvise32.exe
  3. Creates the following registry key:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSpyNOW
  4. Adds the values:
    “Microsoft Tray”=”[Executable file path]”
    “isntray” = “C:\Program Files\ISN\isn_builder.exe”
    to the registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

    so that the Adware runs every time Windows starts.

Spyware.Ispynow runs, it performs the following action/spy when run:

  1. Logs both sides of all the chat & instant message conversations for AOL, ICQ, MSN, AIM, and Yahoo Instant Messenger.
  2. Captures information about every window that was viewed & interacted with.
  3. Tracks every executable that was executed & interacted with.
  4. Tracks all the keystrokes & the windows they were pressed in.
  5. Logs all the Web site title & addresses that were visited.
Tags: , , , , , ,
Posted under Bookmarks, Networking, Tech |

Post a Comment

Emprex LM2202 - 22″ Wide LCD Monitor - Tech Spec »
« A walk to remember soundtrack, Mandy Moore Only Hope and Cry


We use third-party advertising companies to serve ads when you visit our website. These companies may use information (not including your name, address, email address, or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you.