McAfee > Theat Center > Virus Detail Page

Overview

This is a Potentially Unwanted Program (PUP) detection. It is not a virus or trojan. PUPs are any piece of software which a reasonably security-or privacy-minded computer user may want to be informed of.

Aliases

• Keylogger.Trojan : Symantec

• Spy.Win32.KeyLogger.ab : Kaspersky

Characteristics

McAfee(R) AVERT™ recognizes that this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application. If you agreed to a license agreement for this, or another bundled application, you may have legal obligations with regard to removing this software, or using the host application without this software. Please contact the software vendor for further information.

See http://vil.nai.com/vil/DATReadme.asp for a list of Program detections added to the DATs.

See http://vil.nai.com/vil/pups/configuration.htm for information about how to enable, disable, and exclude detection of  legitimately installed programs.

Summary

This is not a virus or a Trojan. It is detected as a potentially unwanted program. This application is a keylogger, designed to capture all typed keystrokes and mouse clicks which can be used to steal important account and password information.

When executed the following KeyLogger screen is launched.

This keylogger has provided an option to check the keylogging ability on its main screen. This is an added feature along with the usual keystroke and mouse capturing activity which it does in the background.
There are 2 sections provided on the screen, such that whenever you type anything below "Text to be copied", the keylogger first copies the captured keystrokes and mouse clicks in a log file and then display the same below "Text already copied:". The text displayed below "Text to be copied" ensures that all the keystrokes and mouse clicks are captured by the keylogger. The keylogger has a hide option, if selected captures keystrokes and mouse clicks in the hidden mode.

Privacy

There is no license agreement that get displayed during installation.

System Changes

File name:   Keylog.exe
MD5Hash: 27c330494868e64c98099137848cac72

Upon execution, the following file is created:

%SystemDrive%\a.txt

The captured keystrokes are converted into uppercase and stored in a.txt file and hence this keylogger is incapable of capturing case sensitive data. This application does not create any other files or registry entries for loading at startup.

Symptoms

N/A This is not a virus or Trojan.

Method of Infection

N/A This is not a virus or Trojan.

Removal

Instructions on Enabling/Disabling Detection and Removal of Potentially Unwanted Programs

Variants

Variants

N/A

All Information

Overview -

This is a Potentially Unwanted Program (PUP) detection. It is not a virus or trojan. PUPs are any piece of software which a reasonably security-or privacy-minded computer user may want to be informed of.

Aliases

• Keylogger.Trojan : Symantec

• Spy.Win32.KeyLogger.ab : Kaspersky

Characteristics

Characteristics -

McAfee(R) AVERT™ recognizes that this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application. If you agreed to a license agreement for this, or another bundled application, you may have legal obligations with regard to removing this software, or using the host application without this software. Please contact the software vendor for further information.

See http://vil.nai.com/vil/DATReadme.asp for a list of Program detections added to the DATs.

See http://vil.nai.com/vil/pups/configuration.htm for information about how to enable, disable, and exclude detection of  legitimately installed programs.

Summary

This is not a virus or a Trojan. It is detected as a potentially unwanted program. This application is a keylogger, designed to capture all typed keystrokes and mouse clicks which can be used to steal important account and password information.

When executed the following KeyLogger screen is launched.

This keylogger has provided an option to check the keylogging ability on its main screen. This is an added feature along with the usual keystroke and mouse capturing activity which it does in the background.
There are 2 sections provided on the screen, such that whenever you type anything below "Text to be copied", the keylogger first copies the captured keystrokes and mouse clicks in a log file and then display the same below "Text already copied:". The text displayed below "Text to be copied" ensures that all the keystrokes and mouse clicks are captured by the keylogger. The keylogger has a hide option, if selected captures keystrokes and mouse clicks in the hidden mode.

Privacy

There is no license agreement that get displayed during installation.

System Changes

File name:   Keylog.exe
MD5Hash: 27c330494868e64c98099137848cac72

Upon execution, the following file is created:

%SystemDrive%\a.txt

The captured keystrokes are converted into uppercase and stored in a.txt file and hence this keylogger is incapable of capturing case sensitive data. This application does not create any other files or registry entries for loading at startup.

Symptoms

Symptoms -

N/A This is not a virus or Trojan.

Method of Infection

Method of Infection -

N/A This is not a virus or Trojan.

Removal -

Removal -

Instructions on Enabling/Disabling Detection and Removal of Potentially Unwanted Programs

Variants

Variants -

N/A