Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


[Dshield] Re: list Digest, Vol 10, Issue 2
.

  • To: [EMAIL PROTECTED]
  • Subject: [Dshield] Re: list Digest, Vol 10, Issue 2
  • From: [EMAIL PROTECTED]
  • Date: Wed, 1 Oct 2003 14:48:17 -0400
  • Old-x-envelope-to: [EMAIL PROTECTED]
  • Reply-to: General DShield Discussion List <[EMAIL PROTECTED]>
  • Sender: [EMAIL PROTECTED]
.
 
In response to the regloadr.exe and the port 135 activity,  I encountered a
keystroke logger called regload.exe.   It stores all keystrokes in a file
called regload.hlp (which is a text file).

This regloadr.exe may be some variant that sends the keystrokes over the
network.   I would look for files in the %systemroot% folder, especially
recently modified files to see if keystrokes are being logged somewhere.

Emmett.



_______________________________________________
list mailing list
[EMAIL PROTECTED]
To change your subscription options (or unsubscribe), see: http://www.dshield.org/mailman/listinfo/list
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.