Ultra Keylogger

Ultra Keylogger is used to record all the keystrokes typed by the user. It is an all-in-one program. It has all spyware features: intercepts everything that is entered from the keyboard, controls launched applications and active windows, scans Windows clipboard for changes, and monitors the screen. It includes elevated threats that are typically installed without adequate notice and consent, and may make unwanted changes to system, such as reconfiguring browser’s homepage and search settings. These threats may install advertising-related add-ons, including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain. These new add-ons and components may block or redirect preferred network connections, and can negatively impact computer’s performance and stability.0

General information:

Malware Name: Ultra Keylogger
Malware Type: Key Logger
Company Name: IwantSoft, Inc
Company URL: http://www.iwantsoft.com/
Threat Level: Elevated Risk
Operating System: WIN XP
Installation Type: Installed through EXE
Operation: Time of After Installation.

Company Description:

Spyware Description:

Ultra Keylogger is used to record all the keystrokes typed by the user. It is an all-in-one program. It has all spyware features: intercepts everything that is entered from the keyboard, controls launched applications and active windows, scans Windows clipboard for changes, and monitors the screen. It includes elevated threats that are typically installed without adequate notice and consent, and may make unwanted changes to system, such as reconfiguring browser’s homepage and search settings. These threats may install advertising-related add-ons, including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain. These new add-ons and components may block or redirect preferred network connections, and can negatively impact computer’s performance and stability.0

Characteristics/Symptoms:

    -> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0

Additional information might be found here:

google Search at Google for Ultra Keylogger
bing Search at Bing for Ultra Keylogger
yahoo Search at Yahoo for Ultra Keylogger

Processes Running:

ctfmon.exe

File information Created after Installation:

File Location Size (Bytes) Type
C:\Documents and Settings\All Users\Start Menu\Programs\Total Spy\Total Spy.lnk 534 Shortcut
C:\Program Files\TS Trial\conf.dat 43 DAT File
C:\Program Files\TS Trial\ctfmon.exe 378368 Application

Folder information Created after Installation:

Folder Location
C:\Program Files\TS Trial
C:\Program Files\TS Trial\daily_log_files

Registry information Created after Installation:

Main Registry Key Sub Registry Key Key Value Name
HKEY_LOCAL_MACHINE SOFTWAREMicrosoftWindowsCurrentVersionRun ctfmon.exe