Content

Keylog-KLog

Type
Program
SubType
Keylogger
Discovery Date
03/03/2006
Minimum DAT
4710 (03/03/2006)
Updated DAT
4710 (03/03/2006)
Minimum Engine
5.1.00
Description Added
03/03/2006
Description Modified
03/05/2006 11:01 PM (PT)

Tab Navigation

Characteristics

McAfee(R) AVERT™ recognizes that this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application. If you agreed to a license agreement for this, or another bundled application, you may have legal obligations with regard to removing this software, or using the host application without this software. Please contact the software vendor for further information.

See http://vil.nai.com/vil/DATReadme.asp for a list of Program detections added to the DATs.

See http://vil.nai.com/vil/pups/configuration.htm for information about how to enable, disable, and exclude detection of  legitimately installed programs.

Summary

This is not a virus or a Trojan. It is detected as a potentially unwanted program. This application is a keylogger, designed to capture all typed keystrokes and mouse clicks which can be used to steal important account and password information.

When executed the following KeyLogger screen is launched.



This keylogger has provided an option to check the keylogging ability on its main screen. This is an added feature along with the usual keystroke and mouse capturing activity which it does in the background.
There are 2 sections provided on the screen, such that whenever you type anything below "Text to be copied", the keylogger first copies the captured keystrokes and mouse clicks in a log file and then display the same below "Text already copied:". The text displayed below "Text to be copied" ensures that all the keystrokes and mouse clicks are captured by the keylogger. The keylogger has a hide option, if selected captures keystrokes and mouse clicks in the hidden mode.

Privacy

There is no license agreement that get displayed during installation.

System Changes

File name:   Keylog.exe
MD5Hash: 27c330494868e64c98099137848cac72

Upon execution, the following file is created:

%SystemDrive%\a.txt

The captured keystrokes are converted into uppercase and stored in a.txt file and hence this keylogger is incapable of capturing case sensitive data. This application does not create any other files or registry entries for loading at startup.

Aliases

Aliases

  • Keylogger.Trojan : Symantec
  • Spy.Win32.KeyLogger.ab : Kaspersky