||||
Symantec.com > Security Response > Threats and Risks > Spyware.ComKeylogger
PRINT THIS PAGE

Spyware.ComKeylogger

Printer Friendly Page

Updated: February 13, 2007 11:45:56 AM
Type: Spyware
Version: 1.3
Publisher: ETN
Risk Impact: High
File Names: etnkeylog.msi ETNKL.exe
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP


When Spyware.ComKeylogger is installed, it does the following:

  1. Creates the following files:

    • %UserProfile%\Desktop\ComputerKeylogger.com Full.lnk
    • %UserProfile%\Local Settings\Temp\JET9024.tmp
    • %UserProfile%\Local Settings\Temp\~DF3212.tmp
    • %UserProfile%\Start Menu\Programs\ETN Software\ComputerKeylogger.com Full\ComputerKeylogger.com Full.lnk
    • %UserProfile%\Start Menu\Programs\ETN Software\ComputerKeylogger.com Full\Readme-Help.lnk
    • %ProgramFiles%\ETNKL\ETNKL.exe - detected as Spyware.ComKeylogger
    • %ProgramFiles%\ETNKL\EventScheduler.ldb
    • %ProgramFiles%\ETNKL\EventScheduler.mdb
    • %ProgramFiles%\ETNKL\Help.rtf
    • %ProgramFiles%\ETNKL\riched32.dll
    • %Windir%\Installer\[random_name].msi - detected as Spyware.ComKeylogger
    • %System%\actskn43.ocx
    • %System%\dijpg.dll
    • %System%\richtx32.ocx
    • %System%\skinboxer43.dll

      Note:
    • %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
    • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows (Windows 95/98/Me/XP) or C:\Winnt (Windows NT/2000).
    • %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.
    • %UserProfile% is a variable that refers to the current user's profile folder. By default, this is C:\Documents and Settings\[CURRENT USER] (Windows NT/2000/XP).

  2. Creates the following registry keys:

    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00F442C2-5C9E-4ae5-AF7D-FB4E0350C2E3}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{13AFA3A3-5687-487c-93F2-63D5DA468F4E}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BE669B7-D464-438A-94A7-7FDA6C47BA47}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32239586-29DE-4268-8AF3-CE7658D3D672}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B7C8860-D78F-101B-B9B5-04021C009402}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AAECB3B-3D56-47c7-8706-77899E73802A}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62289CBE-3BE2-4ba9-AC20-A911C900039A}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66A21AEA-5A05-46b5-B7CD-C1AAAF4770CD}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{78E5A540-1850-11CF-9D53-00AA003C9CB6}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{795514CB-A81C-48f6-87AB-5B22D433D5D8}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFC634B0-4B8B-11CF-8989-00AA00688B10}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B195FE25-16D9-4d1b-AD10-0701F9A5E277}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B617B991-A767-4F05-99BA-AC6FCABB102E}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA8C584B-209C-4d54-8BB1-8AB5F1DCA18E}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D1698320-77BD-4776-96FD-C3C8D71E57E2}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E28DD8A6-E9BC-4d3e-A7F7-BC9644138CE2}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EC2EC911-E047-4810-9535-6CAFE1ADC3AD}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EDBA2AAC-8A00-4eed-A2E4-74BFB760BE10}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Component Categories\{55E89939-3D2B-4954-80EA-2703A8EA1A10}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3B7C8862-D78F-101B-B9B5-04021C009402}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{859321D0-3FD1-11CF-8981-00AA00688B10}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{92AEA298-248E-45DB-97B6-A8C7CD5892E7}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A4AB5D2E-CEAE-4DD2-B99F-C9508575ADC7}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B3F3C14C-FED2-45B8-9EE2-036460E8B171}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E9A5593C-CAB0-11D1-8C0B-0000F8754DA1}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ED117630-4090-11CF-8981-00AA00688B10}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FF19F6B2-10D9-46B1-9050-2E8E2C4B2DDD}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3B7C8863-D78F-101B-B9B5-04021C009402}\1.2
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{61DDCB65-FFA8-42EE-9AB9-88EC8184120C}\1.0
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{74848F95-A02A-4286-AF0C-A3C755E4A5B3}\1.0
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ActiveSkin4.Skin2
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ActiveSkin4.Skin2.1
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ActiveSkin4.SkinLabel2
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ActiveSkin4.SkinLabel2.1
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RICHTEXT.RichtextCtrl
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RICHTEXT.RichtextCtrl.1
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SkinBoxer43.SkinBoxer
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SkinBoxer43.SkinBoxer.1
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\D76BD97D6440ED747ABDE9813D71C215
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C7E0033D-A631-4E97-8CEF-53C3F362BE9F}
    HKEY_LOCAL_MACHINE\SOFTWARE\ETN\ComputerKeylogger.com
    HKEY_CURRENT_USER\Software\Microsoft\Installer\Features\D3300E7C136A79E4C8FE353C3F26EBF9
    HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D3300E7C136A79E4C8FE353C3F26EBF9
    HKEY_CURRENT_USER\Software\Microsoft\Installer\UpgradeCodes\D76BD97D6440ED747ABDE9813D71C215
    HKEY_CURRENT_USER\Software\Classes\CLSID\{0000002F-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{00020420-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{00020421-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{00020422-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{00020423-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{00020424-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{00020425-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{0002E005-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{248DD896-BB45-11CF-9ABC-0080C7E7B78D}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{248DD897-BB45-11CF-9ABC-0080C7E7B78D}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER\Software\Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}
    HKEY_CURRENT_USER\Software\Classes\Interface\{083039C2-13F4-11D1-8B7E-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\Interface\{1EFB6594-857C-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{1EFB6595-857C-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{1EFB6597-857C-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{1EFB6599-857C-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{20DD1B9B-87C4-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\Interface\{20DD1B9D-87C4-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\Interface\{232E4565-87C3-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\Interface\{232E4569-87C3-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}
    HKEY_CURRENT_USER\Software\Classes\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}
    HKEY_CURRENT_USER\Software\Classes\Interface\{248DD892-BB45-11CF-9ABC-0080C7E7B78D}
    HKEY_CURRENT_USER\Software\Classes\Interface\{248DD893-BB45-11CF-9ABC-0080C7E7B78D}
    HKEY_CURRENT_USER\Software\Classes\Interface\{2C247F21-8591-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{2C247F22-8591-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{2C247F24-8591-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{2C247F26-8591-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{35053A20-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{35053A21-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{603C7E7E-87C2-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\Interface\{603C7E7F-87C2-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\Interface\{66833FE4-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{66833FE5-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{66833FE7-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{66833FE9-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{66833FEB-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{66833FED-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{8E3867A1-8586-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{8E3867A2-8586-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{8E3867A4-8586-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{8E3867AA-8586-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{B09DE713-87C1-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\Interface\{B09DE714-87C1-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER\Software\Classes\Interface\{BDD1F049-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{BDD1F04A-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{BDD1F04C-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{BDD1F04E-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{BDD1F050-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{BDD1F051-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{BDD1F053-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{BDD1F055-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{C74190B4-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{C74190B5-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{C74190B7-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{C74190B8-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{C8A3DC00-8593-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{DD9DA660-8594-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{DD9DA662-8594-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{DD9DA664-8594-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{DD9DA665-8594-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{F08DF952-8592-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{F08DF953-8592-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER\Software\Classes\Interface\{F9043C87-F6F2-101A-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER\Software\Classes\Interface\{FE387538-44A3-11D1-B5B7-0000C09000C4}
    HKEY_CURRENT_USER\Software\Classes\Interface\{FE387539-44A3-11D1-B5B7-0000C09000C4}
    HKEY_CURRENT_USER\Software\Classes\Component Categories
    HKEY_CURRENT_USER\Software\Classes\MSComCtl2.Animation
    HKEY_CURRENT_USER\Software\Classes\MSComCtl2.Animation.2
    HKEY_CURRENT_USER\Software\Classes\MSComCtl2.DTPicker
    HKEY_CURRENT_USER\Software\Classes\MSComCtl2.DTPicker.2
    HKEY_CURRENT_USER\Software\Classes\MSComCtl2.FlatScrollBar
    HKEY_CURRENT_USER\Software\Classes\MSComCtl2.FlatScrollBar.2
    HKEY_CURRENT_USER\Software\Classes\MSComCtl2.MonthView
    HKEY_CURRENT_USER\Software\Classes\MSComCtl2.MonthView.2
    HKEY_CURRENT_USER\Software\Classes\MSComCtl2.UpDown
    HKEY_CURRENT_USER\Software\Classes\MSComCtl2.UpDown.2
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.ImageComboCtl
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.ImageComboCtl.2
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.ImageListCtrl
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.ImageListCtrl.2
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.ListViewCtrl
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.ListViewCtrl.2
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.ProgCtrl
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.ProgCtrl.2
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.SBarCtrl
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.SBarCtrl.2
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.Slider
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.Slider.2
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.TabStrip
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.TabStrip.2
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.Toolbar
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.Toolbar.2
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.TreeCtrl
    HKEY_CURRENT_USER\Software\Classes\MSComctlLib.TreeCtrl.2
    HKEY_CURRENT_USER\Software\Classes\MSComDlg.CommonDialog
    HKEY_CURRENT_USER\Software\Classes\MSComDlg.CommonDialog.1
    HKEY_CURRENT_USER\Software\Classes\MSWinsock.Winsock
    HKEY_CURRENT_USER\Software\Classes\MSWinsock.Winsock.1
    HKEY_CURRENT_USER\Software\Classes\OldFont
    HKEY_CURRENT_USER\Software\Classes\StdFont
    HKEY_CURRENT_USER\Software\Classes\StdPicture
    HKEY_CURRENT_USER\Software\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER\Software\Classes\TypeLib\{000204EF-0000-0000-C000-000000000046}\6.0
    HKEY_CURRENT_USER\Software\Classes\TypeLib\{248DD890-BB45-11CF-9ABC-0080C7E7B78D}\1.0
    HKEY_CURRENT_USER\Software\Classes\TypeLib\{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}\2.0
    HKEY_CURRENT_USER\Software\Classes\TypeLib\{86CF1D34-0C5F-11D2-A9FC-0000F8754DA1}\2.0
    HKEY_CURRENT_USER\Software\Classes\TypeLib\{EA544A21-C82D-11D1-A3E4-00A0C90AEA82}\6.0
    HKEY_CURRENT_USER\Software\Classes\TypeLib\{F9043C88-F6F2-101A-A3C9-08002B2F49FB}\1.2
    HKEY_CURRENT_USER\Software\VB and VBA Program Settings\ComputerKeylogger.com
    HKEY_CURRENT_USER_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER_Classes\CLSID\{00020420-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER_Classes\CLSID\{00020421-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER_Classes\CLSID\{00020422-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER_Classes\CLSID\{00020423-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER_Classes\CLSID\{00020424-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER_Classes\CLSID\{00020425-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}
    HKEY_CURRENT_USER_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}
    HKEY_CURRENT_USER_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}
    HKEY_CURRENT_USER_Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\CLSID\{248DD896-BB45-11CF-9ABC-0080C7E7B78D}
    HKEY_CURRENT_USER_Classes\CLSID\{248DD897-BB45-11CF-9ABC-0080C7E7B78D}
    HKEY_CURRENT_USER_Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}
    HKEY_CURRENT_USER_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER_Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}
    HKEY_CURRENT_USER_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}
    HKEY_CURRENT_USER_Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}
    HKEY_CURRENT_USER_Classes\Interface\{083039C2-13F4-11D1-8B7E-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\Interface\{1EFB6594-857C-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{1EFB6595-857C-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{1EFB6597-857C-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{1EFB6599-857C-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{20DD1B9B-87C4-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\Interface\{20DD1B9D-87C4-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\Interface\{232E4565-87C3-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\Interface\{232E4569-87C3-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\Interface\{2334D2B1-713E-11CF-8AE5-00AA00C00905}
    HKEY_CURRENT_USER_Classes\Interface\{2334D2B3-713E-11CF-8AE5-00AA00C00905}
    HKEY_CURRENT_USER_Classes\Interface\{248DD892-BB45-11CF-9ABC-0080C7E7B78D}
    HKEY_CURRENT_USER_Classes\Interface\{248DD893-BB45-11CF-9ABC-0080C7E7B78D}
    HKEY_CURRENT_USER_Classes\Interface\{2C247F21-8591-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{2C247F22-8591-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{2C247F24-8591-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{2C247F26-8591-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{35053A20-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{35053A21-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{603C7E7E-87C2-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\Interface\{603C7E7F-87C2-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\Interface\{66833FE4-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{66833FE5-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{66833FE7-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{66833FE9-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{66833FEB-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{66833FED-8583-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{8E3867A1-8586-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{8E3867A2-8586-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{8E3867A4-8586-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{8E3867AA-8586-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{B09DE713-87C1-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\Interface\{B09DE714-87C1-11D1-8BE3-0000F8754DA1}
    HKEY_CURRENT_USER_Classes\Interface\{BDD1F049-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{BDD1F04A-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{BDD1F04C-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{BDD1F04E-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{BDD1F050-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{BDD1F051-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{BDD1F053-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{BDD1F055-858B-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{C74190B4-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{C74190B5-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{C74190B7-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{C74190B8-8589-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{C8A3DC00-8593-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{DD9DA660-8594-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{DD9DA662-8594-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{DD9DA664-8594-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{DD9DA665-8594-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{F08DF952-8592-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{F08DF953-8592-11D1-B16A-00C0F0283628}
    HKEY_CURRENT_USER_Classes\Interface\{F9043C87-F6F2-101A-A3C9-08002B2F49FB}
    HKEY_CURRENT_USER_Classes\Interface\{FE387538-44A3-11D1-B5B7-0000C09000C4}
    HKEY_CURRENT_USER_Classes\Interface\{FE387539-44A3-11D1-B5B7-0000C09000C4}
    HKEY_CURRENT_USER_Classes\Component Categories
    HKEY_CURRENT_USER_Classes\MSComCtl2.Animation
    HKEY_CURRENT_USER_Classes\MSComCtl2.Animation.2
    HKEY_CURRENT_USER_Classes\MSComCtl2.DTPicker
    HKEY_CURRENT_USER_Classes\MSComCtl2.DTPicker.2
    HKEY_CURRENT_USER_Classes\MSComCtl2.FlatScrollBar
    HKEY_CURRENT_USER_Classes\MSComCtl2.FlatScrollBar.2
    HKEY_CURRENT_USER_Classes\MSComCtl2.MonthView
    HKEY_CURRENT_USER_Classes\MSComCtl2.MonthView.2
    HKEY_CURRENT_USER_Classes\MSComCtl2.UpDown
    HKEY_CURRENT_USER_Classes\MSComCtl2.UpDown.2
    HKEY_CURRENT_USER_Classes\MSComctlLib.ImageComboCtl
    HKEY_CURRENT_USER_Classes\MSComctlLib.ImageComboCtl.2
    HKEY_CURRENT_USER_Classes\MSComctlLib.ImageListCtrl
    HKEY_CURRENT_USER_Classes\MSComctlLib.ImageListCtrl.2
    HKEY_CURRENT_USER_Classes\MSComctlLib.ListViewCtrl
    HKEY_CURRENT_USER_Classes\MSComctlLib.ListViewCtrl.2
    HKEY_CURRENT_USER_Classes\MSComctlLib.ProgCtrl
    HKEY_CURRENT_USER_Classes\MSComctlLib.ProgCtrl.2
    HKEY_CURRENT_USER_Classes\MSComctlLib.SBarCtrl
    HKEY_CURRENT_USER_Classes\MSComctlLib.SBarCtrl.2
    HKEY_CURRENT_USER_Classes\MSComctlLib.Slider
    HKEY_CURRENT_USER_Classes\MSComctlLib.Slider.2
    HKEY_CURRENT_USER_Classes\MSComctlLib.TabStrip
    HKEY_CURRENT_USER_Classes\MSComctlLib.TabStrip.2
    HKEY_CURRENT_USER_Classes\MSComctlLib.Toolbar
    HKEY_CURRENT_USER_Classes\MSComctlLib.Toolbar.2
    HKEY_CURRENT_USER_Classes\MSComctlLib.TreeCtrl
    HKEY_CURRENT_USER_Classes\MSComctlLib.TreeCtrl.2
    HKEY_CURRENT_USER_Classes\MSComDlg.CommonDialog
    HKEY_CURRENT_USER_Classes\MSComDlg.CommonDialog.1
    HKEY_CURRENT_USER_Classes\MSWinsock.Winsock
    HKEY_CURRENT_USER_Classes\MSWinsock.Winsock.1
    HKEY_CURRENT_USER_Classes\OldFont
    HKEY_CURRENT_USER_Classes\StdFont
    HKEY_CURRENT_USER_Classes\StdPicture
    HKEY_CURRENT_USER_Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0
    HKEY_CURRENT_USER_Classes\TypeLib\{000204EF-0000-0000-C000-000000000046}\6.0
    HKEY_CURRENT_USER_Classes\TypeLib\{248DD890-BB45-11CF-9ABC-0080C7E7B78D}\1.0
    HKEY_CURRENT_USER_Classes\TypeLib\{831FDD16-0C5C-11D2-A9FC-0000F8754DA1}\2.0
    HKEY_CURRENT_USER_Classes\TypeLib\{86CF1D34-0C5F-11D2-A9FC-0000F8754DA1}\2.0
    HKEY_CURRENT_USER_Classes\TypeLib\{EA544A21-C82D-11D1-A3E4-00A0C90AEA82}\6.0
    HKEY_CURRENT_USER_Classes\TypeLib\{F9043C88-F6F2-101A-A3C9-08002B2F49FB}\1.2

  3. Adds the value:

    "MSRegScan" = "%ProgramFiles%\ETNKL\ETNKL"

    to the registry subkey:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

    so that it runs every time Windows starts.

  4. Logs key strokes, catures screenshots, and monitors Internet activity.


Search by name
Example: W32.Beagle.AG@mm
Limited Time Offers! Save up to 50%
Windows Vista Security
©1995 - 2009 Symantec Corporation
Site Map|
Legal Notices|
Privacy Policy|
|
Contact Us|
Global Sites|
License Agreements|
RSS