| Port No | 3031 |
| Service Name | Microspy |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Microspy 1.0 is a Visual Basic 5 trojan. Note that this trojan has a keylogger so if you get infected with it you should probably change your passwords. |
| Reference Link | Microspy Trojan |
| Attack | It autoloads the Registry: Win.ini: Load=c:\windows\Win32.exe under [windows] It does the following : AIM spy Caps lock on/off Clipboard manager Disable/enable ALT-CTRL-DEL Document manager (.bat files) File manager Get information Hide/show desktop Hide/show start button Hide/show task bar IP sniffer Keylogger on/off Nums lock on/off Open/close CD-Rom Process manager Scroll lock on/off Send email Send message Send to URL Set mouse position Removal : 1.Open the win.ini(Usually c:\windows\win.ini) and remove the key: Load=c:\windows\Win32.exe under [Windows], this can be done with any text editing program. 2. Reboot the computer or close Win32.exe. 3. Delete the trojan file Win32.exe in the windows directory |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.