This Trojan tracks the user's keystrokes, and is designed to steal confidentialinformation. It is a Windows PE EXE file. It is 136,192 bytes in size. Itis not packed in any way. It is written in Visual C++. InstallationWhen launched, the Trojan displays the following dialogue box: The user is then required to enter certain paramters, including the following:Directory, password, file name and startup key name. The resulting Trojan file,called KeyProbe.exe (43 520 bytes in size) which functions in resident mode,will be dropped to the specified folder. The Trojan creates the following registry key: [HKLM\Software\Rosebud Technologies LTD\Key Probe] It also adds the following values to the system registry: [HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"Key Probe" = "%WinDir%\KeyProbe.exe" This ensures that the Trojan will be launched each time Windows is bootedon the victim machine. The Trojan logs keystrokes Harvested data will be written to a log file calledlog.txt. It is possible to configure the Trojan spy while it is running by pressingShift five times and entering a password: If your computer does not have an up-to-date antivirus, or does not have anantivirus solution at all, follow the instructions below to delete the maliciousprogram: - Use Task Manager to terminate the Trojan process and delete theTrojan file:
"%WinDir%\KeyProbe.exe" - Delete the following registry key:
[HKLM\Software\Rosebud Technologies LTD\Key Probe] - Delete the following values from the system registry:
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"Key Probe" - Delete the original Trojan file (the location will depend onhow the program originally penetrated the victim machine).
- Update your antivirus databases and perform a full scan of thecomputer (download a trial version of Kaspersky Anti-Virus).
Printed From:http://www.viruslist.com/en/viruses/encyclopedia?virusid=41573
Similar Virus/Threat >>
Trojan-Spy.Win32.KeyLogger.lb
This Trojan tracks the user's keystrokes. This Trojan is a Windows DLL file.It is 72,192 bytes in size. It is written in Delphi. InstallationThis Trojan will be installed on the victim machine by...
Trojan-Spy.Win32.Goldun.ms
This Trojan steals confidential data. It is a Windows PE EXE file. The Trojancomponents vary in size from 39 to 48KB.InstallationWhen launching, the Trojan extracts the following file from its...
Trojan-Spy.Win32.Tofger.aa
This Trojan tracks the user's keystrokes. This Trojan is a Windows DLL file.This file will be used by other Trojan programs which are designed to stealconfidential data. It is 3,072 bytes in...
Trojan-Spy.Win32.KeyLogger.e
This Trojan tracks the user's keystrokes, and is designed to steal confidentialinformation. It is a Windows PE EXE file. It is written in Visual Basic. Itis 920,576 bytes in size. It is packed...
Trojan-Spy.Win32.QQSpy.12.a
This Trojan is designed to steal confidential data. It is a Windows PE EXEfile. It is written in Delphi. It is 193,024 bytes in size.The Trojan creates the following system registry...
Trojan-Spy.Win32.KeyLogger.h
This Trojan tracks the user's keystrokes, and is designed to steal confidentialinformation. It is a Windows PE EXE file. It is 376,832 bytes in size. Itis not packed in any way. It is written in...
Trojan-Spy.Win32.PcGhost.413
This Trojan is designed to steal confidential data. It is a Windows PE EXEfile. It is written in Delphi. It is 275,456 bytes in size.InstallationThis Trojan will be installed to the victim...
Trojan-Spy.Win32.PcGhost.400
This Trojan is designed to steal confidential data. It is a Windows PE EXEfile. It is written in Delphi. It is 273,920 bytes in size.InstallationThis Trojan will be installed to the victim...
Trojan-Spy.Win32.PcGhost.340
This Trojan is designed to steal confidential data. It is a Windows PE EXEfile. It is written in Delphi. It is 241,152 bytes in size.InstallationThis Trojan will be installed to the victim...
Trojan-Spy.Win32.Dks.131.b
This Trojan logs the user’s keystrokes. It is a Windows PE EXE file.It is written in Visual C++. The file is 6,144 bytes in size. The file is packedusing UPX. The unpacked file is...
Trojan-Spy.Win32.Small.a
This Trojan is designed to intercept information entered via the keyboard.The program itself is a Windows PE EXE file. It is 4,096 bytes in size. Itis packed using UPX. The unpacked file is...
Trojan-Spy.Win32.Banker.cmp
This Trojan program is designed to steal confidential data. It is a WindowsPE EXE file, and is 34304 bytes in size. It is packed using a customized packer.The Trojan copies itself to...
Trojan-Spy.Win32.Dks.131.a
This Trojan logs the user’s keystrokes. It is a Windows PE EXE file.It is written in Visual C++. The file is 6,144 bytes in size. The file is packedusing UPX. The unpacked file is...
Trojan-Spy.Win32.Banker.ckj
This Trojan intercepts confidential user data. It is a Windows PE EXE file,29KB in size, packed using MEW. The unpacked file is approximately 225KB insize.InstallationWhen launched, the Trojan...
Trojan-Spy.Win32.VB.oq
|
