Spyware.Keylogger

Printer Friendly Page

Updated: February 13, 2007 11:37:18 AM
Type: Spyware
Risk Impact: High
File Names: Varies.
Systems Affected: Windows

Behavior


Spyware.Keylogger records keystrokes and may send this information to a predefined email address.

Symptoms


The files are detected as Spyware.Keylogger.

Transmission


Spyware.Keylogger can be installed as part of another program, or by an installer that has a user interface.

Antivirus Protection Dates

  • Initial Rapid Release version October 02, 2014 revision 022
  • Latest Rapid Release version May 14, 2018 revision 016
  • Initial Daily Certified version April 01, 2004
  • Latest Daily Certified version May 14, 2018 revision 007
  • Initial Weekly Certified release date April 02, 2004

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Updated: February 13, 2007 11:37:18 AM
Type: Spyware
Risk Impact: High
File Names: Varies.
Systems Affected: Windows


The installation path of Spyware.Keylogger may also be configurable. The spyware may be configured to run in stealth mode by hiding its user interface and system tray icon.

When Spyware.Keylogger is executed, it records keystrokes and may take screenshots. It may also send recorded information to a predefined email address.


Updated: February 13, 2007 11:37:18 AM
Type: Spyware
Risk Impact: High
File Names: Varies.
Systems Affected: Windows




Note: If this spyware program was installed as part of another program, removing the spyware component may cause the program that installed it to not work as intended. The uninstaller generally identifies the programs that will not work after uninstallation.
  1. Update the definitions.
  2. Run a full system scan and delete all the files detected as Spyware.Keylogger.
  3. Delete the values that were added to the registry.
For specific details on each of these steps, read the following instructions.

1. To update the definitions
To obtain the most recent definitions, start your Symantec program and run LiveUpdate.

2. To scan for and delete the files
  1. Start your Symantec antivirus program, and then run a full system scan.
  2. If any files are detected as Spyware.Keylogger, write down the path and file names, and then click Delete.


    Notes:
  • If your Symantec antivirus product reports that it cannot delete a detected file, write down the path and file name. Then use Windows Explorer to locate and delete the file.
  • If you ran the Add/Remove programs applet as described in the previous section, all the files may have been removed, and thus, none of them will be detected.

3. To delete the values from the registry

WARNING: Symantec strongly recommends that you back up the registry before making any changes to it. Incorrect changes to the registry can result in permanent data loss or corrupted files. Modify the specified keys only. Read the document, "How to make a backup of the Windows registry ," for instructions.


Note: This is done to make sure that all the keys are removed. They may not be there if the uninstaller removed them.

  1. Click Start, and then click Run. (The Run dialog box appears.)
  2. Type regedit

    Then click OK. (The Registry Editor opens.)

  3. Navigate to the keys:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

  4. In the right pane, delete any value that contains the name of the file that was detected as Spyware.ActiveKeylog.

  5. Exit the Registry Editor.