StarLogger

StarLogger is key strokes recorder utility used to capture, monitor, and record everything typed into a computer and is able to create screen captures regularly. It includes elevated threats that are typically installed without adequate notice and consent, and may make unwanted changes to system, such as reconfiguring browser’s homepage and search settings. These threats may install advertising-related add-ons, including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain. These new add-ons and components may block or redirect preferred network connections, and can negatively impact computer’s performance and stability.0

General information:

Malware Name: StarLogger
Malware Type: Key Logger
Company Name: De Willebois Consulting
Company URL: http://www.willebois.nl/
Threat Level: Elevated Risk
Operating System: WIN XP
Installation Type: Installed through EXE
Operation: Time of After Installation.

Company Description:

De Willebois Consulting is a supplier of consultancy services on information systems. Besides the consultancy services De Willebois Consulting also designs and develops advanced software solutions. It covers the whole process starting with design followed by development and finally resulting in implementation. Its mission is to provide the best possible services and solutions to its customers by utilizing its expertise in Information Technology. It is able to develop a tailor made information system within a short period as it use ready developed software components in its developing process

Spyware Description:

StarLogger is key strokes recorder utility used to capture, monitor, and record everything typed into a computer and is able to create screen captures regularly. It includes elevated threats that are typically installed without adequate notice and consent, and may make unwanted changes to system, such as reconfiguring browser’s homepage and search settings. These threats may install advertising-related add-ons, including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain. These new add-ons and components may block or redirect preferred network connections, and can negatively impact computer’s performance and stability.0

Characteristics/Symptoms:

    -> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0

Additional information might be found here:

google Search at Google for StarLogger
bing Search at Bing for StarLogger
yahoo Search at Yahoo for StarLogger

Processes Running:

WinSL.exe

File information Created after Installation:

File Location Size (Bytes) Type
C:\Documents and Settings\All Users\Start Menu\Programs\StarLogger\StarLogger on the Web.lnk 415 Shortcut
C:\Documents and Settings\All Users\Start Menu\Programs\StarLogger\StarLogger.lnk 498 Shortcut
C:\WINDOWS\SL\WinSLH.dll 10240 Application Extension

Folder information Created after Installation:

Folder Location
C:\WINDOWS\SL

Registry information Created after Installation:

Main Registry Key Sub Registry Key Key Value Name
HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StarLogger_is1 URLInfoAbout
HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StarLogger_is1 URLUpdateInfo
HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StarLogger_is1 UninstallString