SpyBro

SpyBro or Spy Bro, is a rogue anti-spyware program usually installed by a Trojan Zlob or Vundo from a fake video codec installer found in adult websites. Once SpyBro is installed, it will flood your system with popups and fake system notifications stating that you're infected with an exaggerated amount of threats. SpyBro's messages are only designed to trick you into buying a product that doesn't alleviate any of your spyware problems, moreover, SpyBro is a problem itself. SpyBro may cause your computer to slow down and even put yout personal and financial information at risk. There is no such thing as a SpyBro's licensed version, it is all a huge scam.

File System Modifications

• The following files were created in the system:
  

  #	File Name
  1	%UserProfile%\Application Data\SpyBro\base.dat
  2	%UserProfile%\Application Data\SpyBro\base2.dat
  3	%UserProfile%\Application Data\SpyBro\Desc.dat
  4	%UserProfile%\Application Data\SpyBro\spline.dat
  5	%UserProfile%\Application Data\SpyBro\SpyBro.ini
  6	%UserProfile%\SpyBro.exe
  7	C:\Programme\SpyBro\Antispy.sys
  8	C:\Programme\SpyBro\LawEnforcer.dll
  9	C:\Programme\SpyBro\SpyBro.exe
  10	C:\Programme\SpyBro\unins000.exe
  11	redir.dll
  12	SpyBro.lnk

Registry Modifications

• The following newly produced Registry Values are:
  HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run SpyBroHKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{f3642b57-3ea8-4eea-a643-9de138381a57}HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\clsid\{f3642b57-3ea8-4eea-a643-9de138381a57}HKEY_CLASSES_ROOT\clsid\{f3642b57-3ea8-4eea-a643-9de138381a57}\inprocserver32HKEY_CLASSES_ROOT\clsid\{f3642b57-3ea8-4eea-a643-9de138381a57}\inprocserver32 threadingmodel