SI
SI
discoversearch

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor.  We ask that you disable ad blocking while on Silicon Investor in the best interests of our community.  If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.
Pastimes : Computer Learning
 Public ReplyPrvt ReplyMark as Last ReadFilePrevious 10Next 10PreviousNext  
From: Cisco8/10/2005 4:59:48 PM
  Read Replies (1) of 110652
 
The keylogger from hell

sunbeltblog.blogspot.com

– It’s footprint is extremely small — about 26k.

– It seems related to the CoolWebSearch gang, but that is still not certain.

– It is related to the Dumador/Nibu family of trojans. The keylogger executable is winldra.exe.

– It runs under Internet Explorer (IE), so it is generally undetectable by a software or hardware firewall. So much for my ranting about the need to run a software firewall.

– It turns off the Windows firewall.

– It steals data in the IE Protected Storage area.

– It steals data from the Windows clipboard

– It steals logins and passwords from a number of programs, including WebMoney, Far Manager and Total Commander.

– It modifies the host file to stop access to Trend Micro, Mcafee.com, Symantec.com, Etrust/Computer Associates, AVP, Kaspersky, F-secure, etc.
Report TOU ViolationShare This Post
 Public ReplyPrvt ReplyMark as Last ReadFilePrevious 10Next 10PreviousNext  

HomeMailHotSubjectMarksPeopleMarksKeepersSettings
Terms Of UseContact UsCopyright/IP PolicyPrivacy PolicyAbout UsFAQAdvertise on SI
© 2026 Knight Sac Media.  Data provided by Twelve Data, Alpha Vantage, and CityFALCON News