Summary
Summary
More Information
| Affected operating systems | Windows |
|---|---|
| Protection available since | 30 October 2009 14:25:30 (GMT) |
| Detected by | Sophos Anti-Virus for Windows, version 7, and PureMessage for Microsoft Exchange. |
More Information
- Summary
- More Information
xp-AntiSpy is a potentially unwanted application which turns off essential Windows services.
The default installation folder is:
<Program Files>\xp-AntiSpy
When xp-AntiSpy is installed the following files are typically created:
<Desktop>\xp-AntiSpy_Sponsor.lnk
<Desktop>\xp-AntiSpy.lnk
<Start Menu\Programs>\xp-AntiSpy
<Start Menu\Programs>\xp-AntiSpy\xp-AntiSpy.lnk
<Start Menu\Programs>\xp-AntiSpy\Bedienungsanleitung.lnk
<Start Menu\Programs>\xp-AntiSpy\Homepage.lnk
<Start Menu\Programs>\xp-AntiSpy\Deinstallieren.lnk
<Start Menu\Programs>\xp-AntiSpy\xp-AntiSpy.lnk
<Program Files>\xp-AntiSpy
<Program Files>\xp-AntiSpy\xp-AntiSpy.exe
<Program Files>\xp-AntiSpy\xp-AntiSpy.chm
<Program Files>\xp-AntiSpy\xp-AntiSpy.url
<Program Files>\xp-AntiSpy\Uninstall.exe
<Program Files>\xp-AntiSpy\sponsoring\sponsor.html
<Program Files>\xp-AntiSpy\sponsoring\ebay.ico
<Program Files>\xp-AntiSpy\sponsoring\xp-AntiSpy_sponsor.url
<Program Files>\xp-AntiSpy\sponsoring\desktop.ico
The file ebay.ico is registered as a plugin, creating registry entries under:
HKCU\Software\Microsoft\Internet Explorer\Extensions\{0e921e80-267a-42aa-aee4-60b9a1222a44}
The following registry entry is set:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\xp-AntiSpy.exe
(Default)
<Program Files>\xp-AntiSpy\xp-AntiSpy.exe
Registry entries are created under:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\xp-AntiSpy
HKCU\Software\xp-AntiSpy
xp-AntiSpy provides an uninstall option which can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as "xp-AntiSpy 3.97-4".
|
