Local Keylogger Pro

Category: Adware and PUAs Protection available since:01 Sep 2010 01:17:43 (GMT)
Type: Unspecified PUA Last Updated:01 Sep 2010 01:17:43 (GMT)

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Local Keylogger Pro exhibits the following characteristics:

Runtime Analysis

Registry Keys Created
  • HKCR\RKLDLL.Clipboard\CurVer
    (Default)
    RKLDLL.Clipboard.1
  • HKCR\RKLDLL.MailDelivery\CLSID
    (Default)
    {F98FCD4D-7F9A-4D81-9DEB-31783F369368}
  • HKCR\RKLDLL.BlockExe
    (Default)
    BlockExe Class
  • HKCR\RKLDLL.Hotkey
    (Default)
    Hotkey Class
  • HKCR\CLSID\{6C20E3C2-6972-430B-8A5F-1991AE439D8E}\TypeLib
    (Default)
    {EBD3441D-1CCE-4996-A574-3BDA2BCA26FB}
  • HKCR\RKLDLL.PressEnter.1\CLSID
    (Default)
    {3204926E-3C3E-4506-BDF9-C82DBE70FA9F}
  • HKCR\RKLDLL.RealBlockApp\CLSID
    (Default)
    {2B5C4018-4FC5-457C-83F3-98EA1289C460}
  • HKCR\RKLDLL.HideTaskMan\CurVer
    (Default)
    RKLDLL.HideTaskMan.1
  • HKCR\TypeLib\{EBD3441D-1CCE-4996-A574-3BDA2BCA26FB}\1.0\FLAGS
    (Default)
    0
  • HKCR\CLSID\{F98FCD4D-7F9A-4D81-9DEB-31783F369368}\ProgID
    (Default)
    RKLDLL.MailDelivery.1
  • HKCR\RKLDLL.HideTaskMan.1
    (Default)
    HideTaskMan Class
  • HKCR\RKLDLL.BlockExe\CLSID
    (Default)
    {9049E204-958C-4302-A8B7-E946BDDD9A96}
  • HKCR\RKLDLL.Screen\CLSID
    (Default)
    {6684C012-F909-45CC-A379-E87B1E617379}
  • HKCR\CLSID\{6684C012-F909-45CC-A379-E87B1E617379}\TypeLib
    (Default)
    {EBD3441D-1CCE-4996-A574-3BDA2BCA26FB}
  • HKCR\RKLDLL.Application\CurVer
    (Default)
    RKLDLL.Application.1
  • HKCR\CLSID\{3204926E-3C3E-4506-BDF9-C82DBE70FA9F}\InprocServer32
    (Default)
    c:\test_item.dll
  • HKCR\CLSID\{2B5C4018-4FC5-457C-83F3-98EA1289C460}\TypeLib
    (Default)
    {EBD3441D-1CCE-4996-A574-3BDA2BCA26FB}
  • HKCR\CLSID\{8F4347C1-BF89-4C15-B739-51135E2ACFE6}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\CLSID\{3204926E-3C3E-4506-BDF9-C82DBE70FA9F}\VersionIndependentProgID
    (Default)
    RKLDLL.PressEnter
  • HKCR\CLSID\{2B5C4018-4FC5-457C-83F3-98EA1289C460}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\CLSID\{6C20E3C2-6972-430B-8A5F-1991AE439D8E}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\RKLDLL.Mouse\CurVer
    (Default)
    RKLDLL.Mouse.1
  • HKCR\CLSID\{6684C012-F909-45CC-A379-E87B1E617379}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\CLSID\{6678A2CE-A49B-434C-8CBC-2134DB729FA0}
    (Default)
    FTPDelivery Class
  • HKCR\RKLDLL.PressEnter\CLSID
    (Default)
    {3204926E-3C3E-4506-BDF9-C82DBE70FA9F}
  • HKCR\CLSID\{9049E204-958C-4302-A8B7-E946BDDD9A96}\ProgID
    (Default)
    RKLDLL.BlockExe.1
  • HKCR\CLSID\{9335F18F-4D72-4BEF-9379-610337B550FE}\VersionIndependentProgID
    (Default)
    RKLDLL.Password
  • HKCR\RKLDLL.Application\CLSID
    (Default)
    {AE9CA08C-5700-4FDA-8BE6-581B4A1DE119}
  • HKCR\RKLDLL.Password\CLSID
    (Default)
    {9335F18F-4D72-4BEF-9379-610337B550FE}
  • HKCR\CLSID\{6678A2CE-A49B-434C-8CBC-2134DB729FA0}\TypeLib
    (Default)
    {EBD3441D-1CCE-4996-A574-3BDA2BCA26FB}
  • HKCR\RKLDLL.Keystrokes
    (Default)
    Keystrokes Class
  • HKCR\CLSID\{6C20E3C2-6972-430B-8A5F-1991AE439D8E}\ProgID
    (Default)
    RKLDLL.HideTaskMan.1
  • HKCR\CLSID\{9049E204-958C-4302-A8B7-E946BDDD9A96}\TypeLib
    (Default)
    {EBD3441D-1CCE-4996-A574-3BDA2BCA26FB}
  • HKCR\RKLDLL.Mouse.1\CLSID
    (Default)
    {8F4347C1-BF89-4C15-B739-51135E2ACFE6}
  • HKCR\RKLDLL.BlockExe.1
    (Default)
    BlockExe Class
  • HKCR\RKLDLL.Application
    (Default)
    Application Class
  • HKCR\RKLDLL.MailDelivery.1
    (Default)
    MailDelivery Class
  • HKCR\CLSID\{AE9CA08C-5700-4FDA-8BE6-581B4A1DE119}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\CLSID\{0AB0A59B-9E93-4CD3-A1AA-E409F28A7411}
    (Default)
    Hotkey Class
  • HKCR\CLSID\{3204926E-3C3E-4506-BDF9-C82DBE70FA9F}\ProgID
    (Default)
    RKLDLL.PressEnter.1
  • HKCR\RKLDLL.Screen\CurVer
    (Default)
    RKLDLL.Screen.1
  • HKCR\RKLDLL.BlockExe\CurVer
    (Default)
    RKLDLL.BlockExe.1
  • HKCR\CLSID\{F6ECCE0F-0E59-44F6-8E40-7ACBE671BB0F}\TypeLib
    (Default)
    {EBD3441D-1CCE-4996-A574-3BDA2BCA26FB}
  • HKCR\RKLDLL.Keystrokes\CurVer
    (Default)
    RKLDLL.Keystrokes.1
  • HKCR\CLSID\{9049E204-958C-4302-A8B7-E946BDDD9A96}\InprocServer32
    (Default)
    c:\test_item.dll
  • HKCR\RKLDLL.Keystrokes\CLSID
    (Default)
    {F6ECCE0F-0E59-44F6-8E40-7ACBE671BB0F}
  • HKCR\RKLDLL.MailDelivery.1\CLSID
    (Default)
    {F98FCD4D-7F9A-4D81-9DEB-31783F369368}
  • HKCR\CLSID\{F6ECCE0F-0E59-44F6-8E40-7ACBE671BB0F}
    (Default)
    Keystrokes Class
  • HKCR\TypeLib\{EBD3441D-1CCE-4996-A574-3BDA2BCA26FB}\1.0\HELPDIR
    (Default)
    c:\
  • HKCR\CLSID\{2B5C4018-4FC5-457C-83F3-98EA1289C460}
    (Default)
    RealBlockApp Class
  • HKCR\CLSID\{8F4347C1-BF89-4C15-B739-51135E2ACFE6}\ProgID
    (Default)
    RKLDLL.Mouse.1
  • HKCR\RKLDLL.Hotkey\CurVer
    (Default)
    RKLDLL.Hotkey.1
  • HKCR\CLSID\{8F4347C1-BF89-4C15-B739-51135E2ACFE6}
    (Default)
    Mouse Class
  • HKCR\RKLDLL.Screen.1\CLSID
    (Default)
    {6684C012-F909-45CC-A379-E87B1E617379}
  • HKCR\RKLDLL.FTPDelivery.1\CLSID
    (Default)
    {6678A2CE-A49B-434C-8CBC-2134DB729FA0}
  • HKCR\RKLDLL.Password\CurVer
    (Default)
    RKLDLL.Password.1
  • HKCR\CLSID\{6684C012-F909-45CC-A379-E87B1E617379}\VersionIndependentProgID
    (Default)
    RKLDLL.Screen
  • HKCR\RKLDLL.MailDelivery
    (Default)
    MailDelivery Class
  • HKCR\CLSID\{F6ECCE0F-0E59-44F6-8E40-7ACBE671BB0F}\ProgID
    (Default)
    RKLDLL.Keystrokes.1
  • HKCR\RKLDLL.Password.1
    (Default)
    Password Class
  • HKCR\CLSID\{69F549B1-1328-4FB2-BD91-3188BAC3EDD0}\VersionIndependentProgID
    (Default)
    RKLDLL.Clipboard
  • HKCR\CLSID\{69F549B1-1328-4FB2-BD91-3188BAC3EDD0}
    (Default)
    Clipboard Class
  • HKCR\RKLDLL.Mouse.1
    (Default)
    Mouse Class
  • HKCR\RKLDLL.RealBlockApp.1
    (Default)
    RealBlockApp Class
  • HKCR\CLSID\{6678A2CE-A49B-434C-8CBC-2134DB729FA0}\ProgID
    (Default)
    RKLDLL.FTPDelivery.1
  • HKCR\RKLDLL.Application.1
    (Default)
    Application Class
  • HKCR\RKLDLL.Password
    (Default)
    Password Class
  • HKCR\CLSID\{F98FCD4D-7F9A-4D81-9DEB-31783F369368}\InprocServer32
    ThreadingModel
    Apartment
  • HKCR\CLSID\{AE9CA08C-5700-4FDA-8BE6-581B4A1DE119}\VersionIndependentProgID
    (Default)
    RKLDLL.Application
  • HKCR\RKLDLL.PressEnter.1
    (Default)
    PressEnter Class
  • HKCR\CLSID\{9335F18F-4D72-4BEF-9379-610337B550FE}\ProgID
    (Default)
    RKLDLL.Password.1
  • HKCR\CLSID\{6684C012-F909-45CC-A379-E87B1E617379}
    (Default)
    Screen Class
  • HKCR\RKLDLL.FTPDelivery.1
    (Default)
    FTPDelivery Class
  • HKCR\RKLDLL.Clipboard.1
    (Default)
    Clipboard Class
  • HKCR\RKLDLL.Keystrokes.1
    (Default)
    Keystrokes Class
  • HKCR\CLSID\{6678A2CE-A49B-434C-8CBC-2134DB729FA0}\InprocServer32
    (Default)
    c:\test_item.dll

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy