KGB Keylogger
KGB Keylogger is multifunctional keyboard-tracking software (a.k.a. a keylogger) that is widely used by both regular users and IT security specialists. It includes elevated threats that are typically installed without adequate notice and consent, and may make unwanted changes to the system, such as reconfiguring the browser's homepage and search settings. These threats may install advertising-related add-ons, including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain. These new add-ons and components may block or redirect preferred network connections, and can negatively impact the computer's performance and stability. Elevated threats may also collect, transmit, and share potentially sensitive data without adequate notice and consent.
General information:
Malware Name: | KGB Keylogger |
Malware Type: | Key Logger |
Company Name: | Refog Software |
Company URL: | http://www.refog.com/ |
Threat Level: | Elevated Risk |
Operating System: | WIN XP |
Installation Type: | Installed through EXE |
Operation: | Time of After Installation. |
Company Description:
Refog Software provides Remote Spying Software and Linux & DOS Keylogger. One of its keyloggers is KGB Keylogger. KGB Keylogger is multifunctional keyboard-tracking software (a.k.a. a keylogger) that is widely used by both regular users and IT security specialists. The reason for such popularity is that this program does not just record keystrokes; it is capable of recording language-specific characters (e.g. umlauts), the date and time a certain window was initiated, as well as the caption of that window. This software combines two very important qualities: it records all typed data, so that it is not lost when the computer unexpectedly crashes, and it keeps a record of all keyboard activity. The latter quality makes it possible to monitor children's activity at home or to make sure employees do not use the company's computers inappropriately, without invading their privacy.
Characteristics/Symptoms:
-> Monitors and captures data from computers
-> Runs in stealth mode
-> Intercepts keystrokes from the keyboard and records them in a log
-> Starts with the operating system
Processes Running:
winlogons.exe
File information Created after Installation:
File Location | Size (Bytes) | Type |
C:\Program Files\KGB Spy\TraditionalChinese.lng | 9947 | LNG File |
C:\Program Files\KGB Spy\Ukrainian.lng | 10007 | LNG File |
C:\Program Files\KGB Spy\uninstall.exe | 73569 | Application |
Folder information Created after Installation:
Folder Location |
C:\Program Files\KGB Spy |
Registry information Created after Installation:
Main Registry Key | Sub Registry Key | Key Value Name |
HKEY_LOCAL_MACHINE | \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KGB Spy | URLInfoAbout |
HKEY_LOCAL_MACHINE | \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KGB Spy | URLUpdateInfo |
HKEY_LOCAL_MACHINE | \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KGB Spy | UninstallString |