RAT/Key Logger/Dialer/AntiLamer Light

Alias: AntiLamer Light, Trojan.PSW.AlLight.11.d, Dialer.DQ

Description: This RAT program is just one of a big RAT virus family, created by OverG. Like it’s "brother" AntiLamer Backdoor, it is supposed to steal valuable info from users. But it is much easier to use and has much less functions. The main purpose of this software is stealing passwords. To do so, the program tries to capture passwords as they are transmitted. The origination date is May 2002. The programming language is Delphi. Several versions appeared since May 2002 to April 2003.

Threat type:

Dialer - A Dialer is a software application that dials long distance phone numbers. Dialers modify your dial-up settings and make very expensive long distance phone calls without user's permission. The user will be billed for the time used. Dialer authors share the revenues shady long distance providers.

Hacker Tool - A Hacker Tool is any software application that performs a wide range of hacking related tasks without user's permission. Activities include: disabling a user's anti-virus software or personal firewalls, gaining access to sensitive data, removing copy protection and modifying system settings.

Key Logger - A Key logger is a software application that runs in the background and records any keyboard activity. Logged information is stored in the machine and can be retrieved later by the attacker through the internet connection. Key loggers can record sensitive information such as passwords, credit card numbers, personal identification numbers, etc. Key loggers are commonly included as parts of other spyware programs.

RAT - Remote Administration Tool (RAT) is a software application which provides an attacker with the capability to control your computer system remotely whenever you are online. The attacker can perform operations such as programs and/or files adding/deleting, files transfers, capturing screenshot, etc. Attacker may use captured computer for different personal needs such as to send malicious attacks.

Advice: Remove This is a very high risk threat and should be removed immediately as to prevent harm to your computer or your privacy.

Detection:
SpyNoMore detects RAT/Key Logger/Dialer/AntiLamer Light: Yes

Threat risk: High Risk

Very dangerous malware. Can log user's keyboard activity and take snapshots of the user's screen. Uses stealth installation and removal is very difficult. Category includes spyware programs, adware programs and trojans.

Symptoms:

RAT/Key Logger/Dialer/AntiLamer Light Signature Details: The following information includes some of the standard signatures associated with this spyware threat. Please do not attempt to manually remove these items from your computer; Removing these items incorrectly or partially can cause your computer to experience critical errors, prevent your computer from restarting or cause loss of Internet connectivity. Should you be infected with RAT/Key Logger/Dialer/AntiLamer Light, you can clean your computer by downloading SpyNoMore now.

Running Process Signatures:
N/A

File Signatures:
%WINDOWS%\runwin32.exe
%PROFILE%\administrator\start menu\5-1-14-24.lnk
%WINDOWS%\system\runwin.exe
%WINDOWS%\system\runwindows32.exe
%PROFILE%\administrator\start menu\programs\5-1-14-24.lnk
%DESKTOPDIRECTORY%\5-1-14-24.lnk

Registered Dll (Dynamic Link Library) Signatures:
N/A

Folder Signatures:
%PROGRAM_FILES%\websx

Registry Signatures:
HKLM\software\microsoft\code store database\distribution units\{7589eee6-e336-11d4-8a7e-ee1d971d9b47}
HKLM\software\classes\clsid\{7589eee6-e336-11d4-8a7e-ee1d971d9b47}
HKLM\software\classes\acontixcontrol

SpyNoMore Collected Residual File Signatures:
N/A

See Also:
Hacker Tool/AIM Spy
Hacker Tool/AOL Pest/AIMJacker
RAT/Hacker Tool/Amitis
Hacker Tool/Anomailer
RAT/AntiLamer
Hacker Tool/Aphex's Packet Sniffer
Downloader/Aphex's Web
RAT/Aqua
RAT/Assassin
Hacker Tool/Attacker