MyShell
MyShell is a remote control with high risk that allows administrators to manage and control PCs or networks from a remote location. It can be used to steal information from the remote computer. It captures and logs keystrokes on the computer without
the user's knowledge and consent. MyShell is a remote control with high risk that allows administrators to manage and control PCs or networks from a remote location. It can be used to steal information from the remote computer. It captures and
logs keystrokes on the computer without the user's knowledge and consent.0
General information:
| Malware Name: |
MyShell |
| Malware Type: |
Remote Control |
| Company Name: |
MyShell |
| Company URL: |
http://www.itian.com.mx/
|
| Threat Level: |
High Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
MyShell provides you the software MyShell that is an excellent way to get the most out of your Windows PC. It will leave all the PC resources to your programs. The way it works is by temporary replacing, at your command, the Windows Desktop any time
you want. It also lets you select which one(s) of the programs to load by the registry at windows startup giving your program (or Game) all your PC power.
Spyware Description:
MyShell is a remote control with high risk that allows administrators to manage and control PCs or networks from a remote location. It can be used to steal information from the remote computer. It captures and logs keystrokes on the computer without
the user's knowledge and consent. MyShell is a remote control with high risk that allows administrators to manage and control PCs or networks from a remote location. It can be used to steal information from the remote computer. It captures and
logs keystrokes on the computer without the user's knowledge and consent.0
Characteristics/Symptoms:
-> Slows down the performance of PC. -> It can be used to watch what users are doing on the remote computer. -> It can also be used to monitor and steal information from the remote computer.
Additional information might be found here:
Processes Running:
MyShell.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\MyShell\MyShell.exe |
180224 |
Application |
| C:\Program Files\MyShell\ST6UNST.LOG |
2275 |
Text Document |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\MyShell |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ST6UNST #2 |
Changed0 |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ST6UNST #2 |
SlowInfoCache0 |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ST6UNST #2 |
[NULL]0 |
