Know Your Malware: Kbroy Removal

Kbroy, also known as Maha, is a parasitic keylogger that records all user keystrokes in attempt to steal important passwords and login names. Gathered data might be transferred to the remote attacker. Kbroy also changes some Internet Explorer settings and disables the Windows Firewall. The keylogger automatically runs on every Windows startup.

Related files: winupgrm.exe, sqlserver.dll

Kbroy properties:
Logs keystrokes
Changes browser settings
Hides from the user
Stays resident in background Remove Kbroy, removal instructions

Linked by shanmuga Friday, 16th December 2005 2:26AM