Generic Keylogger.ai

Generic Keylogger.ai Description

Generic Keylogger.ai is a keylogging parasite that may be able to record keystrokes in addition to monitoring internet activity. Generic Keylogger.ai may also change settings without a computer user's permission. To completely eliminate the potential threat of Generic Keylogger.ai, a computer user may use a trusted spyware removal application.

Aliases: Generic23.WLG [AVG], W32/Inject.ECG!tr [Fortinet], Exploit.Win32.CVE-2011 [Ikarus], Win-Trojan/Agent.32768.CAU [AhnLab-V3], Exploit:Win32/CVE-2011-2100.A [Microsoft], Exploit.Win32.CVE-2011!IK, EXP/CVE-2011-2100.A [AntiVir], Trojan.Generic.6158024 [BitDefender], Trojan.Horse-14 [ClamAV], TROJ_INJECT.ECG, W32/Suspicious_Gen2.NKTNK, probably a variant of Win32/Agent.MYGLABQ [NOD32], Generic BackDoor.u [McAfee], TrojanSpy.Agent.gpw and TR/Agent.1182720.2 [AntiVir].

Technical Information

File System Details

Generic Keylogger.ai creates the following file(s):
