Name: Keylog-Keylf

Risk Assessment

- Home Users: Low

- Corporate Users: Low

Date Discovered: 8/20/2003

Date Added: 8/20/2003

Origin: Unknown

Length: 521,728 (exe)

Type: Trojan

SubType: Password

DAT Required: 4289
This is a Key logger trojan. It logs any key pressed to a file. The file can be mailed out via SMTP mail.

It comes in a self-extracted archive. When run, the following three files are created: (%SysDir% is the Windows system directory)

%SysDir%mswin.exe
%SysDir%keylogf.dll
%SysDir%GpSysHookDLL.dll
The following registry key is created in order to load the trojan at Windows startup.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "MSWin" = %SysDir%mswin.exe
More Info @ http://vil.mcafee.com/dispVirus.asp?virus_k=100565