AlertSpy

It is a Rogue Security Program that purports to scan and detect malware or other problems on the computer, but which attempts to dupe or badger users into purchasing the program by presenting the user with intrusive, deceptive warnings and/or false, misleading scan results. Rogue Security Programs typically use aggressive, deceptive advertising and may be installed without adequate notice and consent, often though exploits. It includes Elevated threats that are typically installed without adequate notice and consent, and may make unwanted changes to our system, such as reconfiguring our browser’s homepage and search settings. These threats may install advertising-related add-ons, including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain.0

General information:

Malware Name:AlertSpy
Malware Type:Rogue Security Program
Company Name:AlertSpy
Company URL:http://alertspy.com/
Threat Level:Elevated Risk
Operating System:WIN XP
Installation Type:Installed through EXE
Operation:Time of After Installation.

Company Description:

AlertSpy scan and remove the Spyware, Adware, Trojans, Dialers, worms and other in our system. It scans our PC's Processes, Memory and System Registry for hidden. It stops annoying Popup ads. It eliminates spyware and adware. It protects our privacy. AlertSpy AntiSpyware is free to download.

Spyware Description:

It is a Rogue Security Program that purports to scan and detect malware or other problems on the computer, but which attempts to dupe or badger users into purchasing the program by presenting the user with intrusive, deceptive warnings and/or false, misleading scan results. Rogue Security Programs typically use aggressive, deceptive advertising and may be installed without adequate notice and consent, often though exploits. It includes Elevated threats that are typically installed without adequate notice and consent, and may make unwanted changes to our system, such as reconfiguring our browser’s homepage and search settings. These threats may install advertising-related add-ons, including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain.0

Characteristics/Symptoms:

    -> False positives work as good to purchase -> False scan results -> Uses inadequate scan/detection scheme -> Uses out of date ref database0

Additional information might be found here:

googleSearch at Google for AlertSpy
bingSearch at Bing for AlertSpy
yahooSearch at Yahoo for AlertSpy

Processes Running:

AlertSpy.exe

File information Created after Installation:

File LocationSize (Bytes)Type
C:\Program Files\AlertSpy\SpyWares\Alexa Related\description.html315HTML Document
C:\Program Files\AlertSpy\SpyWares\Alexa Related\fixedregistry.txt222Text Document
C:\Program Files\AlertSpy\SpyWares\WebSearchToolbar\files.txt13Text Document

Folder information Created after Installation:

Folder Location
C:\Program Files\AlertSpy\Logs
C:\Program Files\AlertSpy\SpyWares

Registry information Created after Installation:

Main Registry KeySub Registry KeyKey Value Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AlertSpyPublisher
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AlertSpyURLInfoAbout
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AlertSpyUninstallString