McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
Business Home McAfee Labs Threat Intelligence

KeyLog-MSNX3

This page shows details and results of our analysis on the malware KeyLog-MSNX3

Threat Detail

Malware Type: Trojan

Malware Sub-type: Password

Discovery Date: 2002-12-20

Next Steps:

Overview

This is a trojan detection. Unlike viruses, trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include email, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.


Minimum DAT

4240 (2002-12-30)

Updated DAT

4240 (2002-12-30)

 Minimum Engine

5.1.00

File Length

384,000 bytes

Description Added

2003-07-18

Description Modified

2003-07-18

Malware Proliferation

Characteristics

This trojan attempts to capture keystrokes that are entered into specified Windows (the MSN Messenger Login window is set as default). Captured information is not transmitted beyond the local system. It is only displayed on the trojan's GUI, which can be hidden and revealed; meaning that if someone has physical or remote access to a system, then can start the trojan, hide the interface, and later reveal the interface and entered keystrokes.

The trojan is dependent on the keyboard layout being French, it contains bugs, and fails to function on most systems.

Symptoms

This trojan does not install itself in any way. It does not copy itself to another location, nor does it create any startup registry or INI keys.

Method of Infection

Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial. Distribution channels include IRC, peer-to-peer networks, newsgroup postings, etc.

Removal

All Users:
Use current engine and DAT files for detection. Delete any file which contains this detection.

Additional Windows ME/XP removal considerations

Variants

United States - English