Yahoo Logger

Yahoo Logger is a keylogger with high risk that can run in stealth mode. It can capture instant messages sent and received through yahoo! messenger. Yahoo Logger is a keylogger with high risk that can run in stealth mode. It can capture instant messages sent and received through yahoo! messenger.0

General information:

Malware Name:	Yahoo Logger
Malware Type:	Keylogger
Company Name:	KMiNT21 software
Company URL:	http://www.spyarsenal.com/
Threat Level:	High Risk
Operating System:	WIN XP
Installation Type:	Installed through EXE
Operation:	Time of After Installation

Company Description:

KMiNT21 software provides you the software that can run in stealth mode and capture instant messages sent and received through yahoo! messenger. All the information captured is stored by this software in log files and it has the ability to send these log files to a specified email address. Removal of this software is advisable if it is not installed for a purpose.

Spyware Description:

Characteristics/Symptoms:

-> It can run in stealth mode. -> It can capture instant messages sent and received through yahoo! messenger.

Additional information might be found here:

	Search at Google for Yahoo Logger
	Search at Bing for Yahoo Logger
	Search at Yahoo for Yahoo Logger

Processes Running:

csvdey.exe

File information Created after Installation:

File Location	Size (Bytes)	Type
C:\WINDOWS\system32\csvdey\Links\Download lastest version.url	63	Internet Shortcut
C:\WINDOWS\system32\csvdey\csvdey.exe	1134080	Application
C:\WINDOWS\system32\csvdey\rvy.exe	681472	Application

Folder information Created after Installation:

Folder Location
C:\WINDOWS\system32\csvdey
C:\WINDOWS\system32\csvdey\Links

Registry information Created after Installation:

Main Registry Key	Sub Registry Key	Key Value Name
HKEY_LOCAL_MACHINE	\SOFTWARE\KMiNT21\SpyArsenal-Yahoo-Logger	Path0
HKEY_LOCAL_MACHINE	\SOFTWARE\KMiNT21\SpyArsenal-Yahoo-Logger	Start Menu Folder0
HKEY_LOCAL_MACHINE	\SOFTWARE\KMiNT21\SpyArsenal-Yahoo-Logger	[NULL]0