Spyware.Snoop

Updated: February 13, 2007 11:45:30 AM

Type: Spyware

Version: 1.12

Publisher: Snoop Internet Security

Risk Impact: High

File Names: snoopinstall.exe sninp.dll Snoop.exe

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

When Spyware.Snoop is installed, it performs the following actions:

Creates the following file:

%UserProfile%\Desktop\snoopinstall.exe

Note: %UserProfile% is a variable that refers to the current user's profile folder. By default, this is C:\Documents and Settings\<Current User> (Windows NT/2000/XP).
Creates the following files in a folder defined by the user:
- icunst.exe
- sninp.dll
- snoop.chm
- Snoop.exe
- Uninstall.sop
Creates the following registry subkeys:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID \{48FCE750-50E8-4656-D1B7-A1C99D9042B0} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID \{6C43F32A-4DFF-11D6-8286-0010A4066CF2} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib \{47303B26-D24E-FF56-4C1B-ABF29E26C538} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Snoop.Document HKEY_CURRENT_USER\Software\ASProtect HKEY_CURRENT_USER\Software\Snoop
Adds the value:

"Snoop" = "C:\[FOLDER DEFINED BY THE USER]\Snoop.exe /auto"

to the registry subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runso that the risk runs every time Windows starts.
Monitors user activity such as URLs visited and emails sent. It also logs keystrokes and sends the logs to a predefined email address.

Summary

Search Threats

Search by name

_{Example: W32.Beagle.AG@mm}