« Smitfraud
How to Proceed if you Cannot Uninstall the Old PopupStop Software »

SpySheriff

No Comments
Domesticus By Domesticus in Rogue Anti-Spyware Program | 54 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

SpywareIsolator Description

SpywareIsolator is a rogue anti-spyware application. SpywareIsolator is usually downloaded and installed onto your computer system by a Trojan, exploiting browser security vulnerabilities. Once SpywareIsolator is installed, it will perform a fraudulent scan that will result in exaggerated and extremely intrusive error messages. In other words, SpywareIsolator will try to trick credible computer users into buying the “full version” of the program. SpywareIsolator is a scam, and the only thing it will do is slow you computer down notably. It is strongly recommended to dispose of SpywareIsolator as soon as possible.

Type: Rogue AntiSpyware Programs

Automatic Detection of SpywareIsolator

 
 

Download SpyHunter’s Detection Scanner
to Detect SpywareIsolator.

 
 

SpywareIsolator Technical Report

As new SpywareIsolator details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following SpywareIsolator files with its MD5s were created in the system:

File Name File Size MD5
spywareisolator.exe 143360 730a729374d38ddb842815f750b2371f
sisetup.exe 1804004 0e3b91a9e4271c7f54bebdd668dff50e
sisetup.exe 1838290 92edb65deceec03a03d6ccdfb26afc6b
distrib%2Finstaller_125[1].exe 77824 f544fabe4f2588ec64378120b99e1a86
installer_125[1].exe 77824 f544fabe4f2588ec64378120b99e1a86
installer[1].exe 81920 89f85e496fa9a1c10451bace5a29d907
installer_abr[1].exe 86016 91099cea7deb4f474c1e774c6e69ac93
sisetup.exe 1805755 90d11f7eb11245332a46450b6db4dfc9
installer_abr[1].exe 81920 f76ea1f9514dd9bf06cfe488f15829e0
spywareisolator.exe 172032 b8c239ba28b292f9989d6f3546cf333c

SpywareIsolator has typically the following processes in memory:

  • spywareisolator.exe
  • SpywareIsolator_Installer[1].exe
  • tmpwisc1.exe

SpywareIsolator created the following directories, files, paths:

  • %AllUsersProfile%\Start Menu\Programs\SpywareIsolator
  • %ProgramFiles%\SpywareIsolator

SpywareIsolator creates the following registry entries:

  • HKEY_CURRENT_USER\software\spywareisolator
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 displayname
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 inno setup: deselected tasks
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 inno setup: setup version
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 installlocation
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 publisher
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 urlinfoabout
  • HKEY_CURRENT_USER\software\microsoft\windows\shellnoroam\muicache c:\program files\spywareisolator\spywareisolator.exe
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 inno setup: app path
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 inno setup: selected tasks
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 installdate
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 norepair
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 uninstallstring
  • spywareisolator
  • HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run spywareisolator
  • HKEY_CURRENT_USER\software\spywareisolator fr
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 helplink
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 inno setup: icon group
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 inno setup: user
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 nomodify
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 quietuninstallstring
  • HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywareisolator_is1 urlupdateinfo

Important Article Disclaimer

article disclaimer
ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 06/24/05 and is filed under Rogue Anti-Spyware Program. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs


Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2009. Enigma Software Group USA, LLC. All Rights Reserved.