Updated: February 13, 2007 11:38:10 AM
Type: Spyware
Version: 1.71
Publisher: ActualSpy.com
Risk Impact: High
File Names: ActualSpy.exe
Systems Affected: Windows 2000, Windows Me, Windows NT, Windows XP
Spyware.ActualKey has the following capabilities:
- Keystroke logging
- Screenshot capturing
- Clipboard monitoring
- Process open/close tracking
- Internet activity monitoring
- Log transferring via email
- Hiding and unhiding its tray icon using the hotkey combination. The default hotkey combination is Ctrl+Alt+Del+F8.
When Spyware.ActualSpy is installed, it does the following:
1. Creates the registry keys:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Actual Spy
HKEY_CURRENT_USER\Software\ActualSpy
HKEY_LOCAL_MACHINE\Software\ActualSpy
and adds subkeys and values to them to set flags and configurations.
2. Creates the following files:
- %ProgramFiles%\Actual Spy\ActualSpy.chm
- %ProgramFiles%\Actual Spy\ActualSpy.exe
- %ProgramFiles%\Actual Spy\FILE_ID.DIZ
- %ProgramFiles%\Actual Spy\hkdll.dll
- %ProgramFiles%\Actual Spy\hprog.dll
- %ProgramFiles%\Actual Spy\license.txt
- %ProgramFiles%\Actual Spy\readme.txt
- %ProgramFiles%\Actual Spy\uninstal.exe
- %ProgramFiles%\Actual Spy\uninstal.ini
- %ProgramFiles%\Actual Spy\logs\app.dat
- %ProgramFiles%\Actual Spy\logs\clipboard.dat
- %ProgramFiles%\Actual Spy\logs\key.dat
- %ProgramFiles%\Actual Spy\logs\screenshots.dat
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
