Troj/SCKeyLog-L

Category:	Viruses and Spyware	Protection available since:	25 Jan 2006 00:00:00 (GMT)
Type:	Trojan	Last Updated:	25 Jan 2006 00:00:00 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/SCKeyLog-L is a Trojan for the Windows platform.

When Troj/SCKeyLog-L is installed the following files are created:

<System>\cvsloops.dat
<System>\cvsloops.le
<System>\spoolsvc.dll
<System>\spoolsvc.exe

The files cvsloops.dat and cvsloops.le are clean and can simply be deleted.

The file spoolsvc.dll is detected as Troj/SCKeyLo-AL.

The following registry entry is created to run spoolsvc.exe on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
spoolsvc
<System>\spoolsvc.exe

The following registry entries are created to run code exported by spoolsvc.dll on startup:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spoolsvc
DllName
spoolsvc.dll

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spoolsvc
Impersonate
0

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spoolsvc
Startup
WLEvtStartup

Try Sophos products for free
Download now

Security Goals

INDUSTRIES & SECTORS

COMPANY SIZE

PRODUCT FEATURES

CASE STUDIES

Company Overview

Our People

INNOVATIVE TECHNOLOGY

ALERT SERVICES

Product Features

Product Families

Complete Security

PRODUCTS BY NAME

Free Tools

Next Steps

RESOURCES

FIND AN ANSWER

Support by Product

Maintain your Product

Hire an Expert

WHAT'S POPULAR

THREAT ANALYSIS

THREAT STATISTICS

WHAT'S POPULAR

Threat Definitions

THREAT MONITORING

SECURITY HUBS

LIBRARY

Whats Popular

WHAT'S NEW

Community

IT SECURITY TRAINING

ANATOMY OF AN ATTACK

RESELLER PARTNERS

Managed Service Providers

SYSTEM INTEGRATORS

OEM and Technology

WHAT'S POPULAR

Troj/SCKeyLog-L

Free Mac Anti-Virus

Popular topics