Home / malware Spyware:Win32/DataDoctor
First posted on 10 November 2010.
Source: SecurityHomeAliases :
Spyware:Win32/DataDoctor is also known as Application.Keylogger.DataDoctor.A (BitDefender), BackDoor.Dumb.120 (Dr.Web), not-a-virus:Monitor.Win32.KeyLogger.ty (Kaspersky), Pro Data Doctor (Trial) (other).
Explanation :
Spyware:Win32/DataDoctor is the detection of a program that captures user entered key strokes to a configured data file.
Top
Spyware:Win32/DataDoctor is the detection of a program that captures user entered key strokes to a configured data file. InstallationSpyware:Win32/DataDoctor may be present as the following file: %ProgramFiles%\KeyLog\msdts.exe The registry is modified to run DataDoctor at each Windows start. In subkey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunSets value: "msdts"With data: "%ProgramFiles%\KeyLog\msdts.exe" When run, Spyware:Win32/DataDoctor requires a password, which is set during the first execution of the program: DataDoctor can be configured to store captured key strokes to a data file: DataDoctor runs in the background and captures key strokes to the configured data file.
Analysis by Shawn WangLast update 10 November 2010
