User Logger is a commercial PC surveillance tool that tracks user activity and takes screenshots. Registered version also records all user keystrokes. User Logger must be manually installed. It runs on every Windows startup and hides its active processes. The following files were created in the system:

PC Police is a commercial PC surveillance application that tracks user activity, logs all keystrokes and captures online chat conversations. Gathered data can be silently transferred to a remote PC. PC Police is not an actual spyware. However, it can be used for obvious malicious purposes. The application must be manually installed. It secretly runs on every Windows startup. The following files were created in the system:

SearchWords is a toolbar for Internet Explorer that modifies web search settings and shows undesirable commercial advertisements. The spyware must be manually installed. The following files were created in the system:

WALI is a commercial PC surveillance tool designed to record all user keystrokes, take screenshots, log Internet Explorer activity and capture online chat conversations. WALI saves logs to a hard disk. The application must be manually installed. It secretly runs on every Windows startup. The following files were created in the system:

Tixanbot is an extremely dangerous backdoor that gives the remote attacker full unauthorized access to a compromised PC. The attacker can manage the entire computer and files, download and install arbitrary softwares, update the backdoor, change Internet Explorer default home page, attack remote hosts and obtain computer information. Tixanbot terminates running essential computer services and security-related processes, closes active malware removers and removes registry entries related with...

Darkmoon is a RAT (or Remote Administration Trojan) that gives third parties control over your computer based on a simple client interface. Features boasted by Darkmoon include both general backdoor functions and specialized information-theft attacks, along with distribution methods that conceal its installers as unrelated files (such as torrents). Despite its breadth of potential aggression, Darkmoon has no meaningful symptoms linked to its presence; removing Darkmoon should use anti-malware...

SearchMall is an adware spyware that sends a web browser to a predetermined web site and then shows undesirable links and advertisements. It also changes Internet Explorer default home page to the www.thesearchmall.com site. The spyware can secretly get into the computer while visiting some unsafe web resources. It runs every time the user launches Internet Explorer. The following files were created in the system:

Arau is a malware spyware that secretly gathers information about the user and silently transfers it to a predetermined web server. It also can download and install arbitrary applications. Arau can get into the computer as a result of another malware infection. The following files were created in the system:

The Web Bar application by Web Bar media may offer Web surfers an improved protection against phishing scams, but it is adware and should not be trusted. The primary function of the Web Bar adware is to show coupons, discounts, and promotional materials on banners, pop-up and pop-under windows. The Web Bar adware may add an icon in the top right corner of your Internet browser to show you statistics on the websites you visit that may contain useful information like page rank, visits per day...

Hacker Wacker is a commercial keylogger that tracks user activity, logs each keystroke, takes screenshots and records addresses of visited web sites. It also disbles standard Windows utilities such as the Registry Editor and Task Manager. Gathered data can be sent to a configurable e-mail address. The application must be manually installed. Hacker Wacker runs on every Windows startup. The following files were created in the system:

Guapim is a dangerous and widely spread Internet worm that propagates through AOL Instant Messenger and MSN Messenger by sending messages with certain links to all the contacts. Clicking on such a link downloads and installs the spyware. Guapim can also distribute itself in file sharing networks. The threat compromises overall computer security and blocks access to reputable security-related web sites. It also secretly downloads and installs the even more dangerous Spybot worm. Guapim runs on...

Litebot is a dangerous backdoor that allows the remote attacker to download and execute arbitrary files from the Internet. The spyware also decreases overall computer security by changing default Windows firewall settings. Litebot main files have random names. The backdoor automatically runs on every Windows startup. The following files were created in the system:

Ruland is a dangerous mass-mailing worm that uses Microsoft Outlook mail application to send e-mail messages with links leading to infected files. Once the user clicks on such a link, the spyware installs itself to the computer. Ruland downloads a predetermined file from the Internet and drops several trojans, which steal bank account details and give the remote attacker unauthorized access to a compromised PC. The worm automatically runs on every Windows startup. Its activity results in user...

IntraSpy is a commercial PC surveillance application that tracks user activity, logs all keystrokes, records passwords and web sites visited, captures e-mail messages and online chat conversations. Gathered data is saved into encrypted file on a hard disk. IntraSpy is able to hide itself from the user. The application must be manually installed. The following files were created in the system:

Real Spy Monitor is a commercial PC surveillance product that tracks user activity, logs all keystrokes, takes screenshots, records passwords and web sites visited, captures online chat conversations and web mail messages. Gathered data can be sent to a configurable e-mail address. Real Spy Monitor must be manually installed. It secretly runs on every Windows startup. The following files were created in the system:

Mepcod is a backdoor that gives the attacker remote unauthorized access to a compromised PC. It also contacts a predetermined web server and downloads arbitrary files and additional instructions. Mepcod automatically runs on every Windows startup. The following files were created in the system:

IEMenuExt is a parasitical Internet Explorer plugin with malware and adware functionality. It adds a toolbar and records addresses of user visited web sites. Gathered data is sent to a predetermined web server. IEMenuExt also shows undesirable commercial advertisements. The spyware gets into the computer along with some ad-supported software. It also can be manually installed. IEMenuExt automatically runs on every Windows startup. The following files were created in the system:

HDTBar is an adware spyware that installs an Internet Explorer toolbar and shows undesirable commercial advertisements. It also may download arbitrary files from the Internet. HDTBar can silently get into the computer while visiting some insecure web sites. The following files were created in the system:

Instdollars is an illegal advertising application. It monitors user's web search keywords and serves undesirable commercial advertisements. The spyware must be manually installed. It automatically runs on every Windows startup. Instdollars uses files with random names, so its detection is a quite difficult task. The following newly produced Registry Values are: HKEY..\..\..\.. {RegistryKeys} 4F507FE0-FFF8-4B7A-8F53-FCB8FD120594InprocServer32...

Smart Browse is an Internet Explorer toolbar with additional malware functionality. The application changes web browser default search page, logs user search queries and records user e-mail addresses. Gathered data can be given to third-party advertising companies without explicit user consent. Smart Browse is automatically installed by some web sites. The threat runs every time a user starts Internet Explorer. The following files were created in the system: