MonitoringTool:Win32/KGBKeylogger is a program that is capable of performing a number of actions, including logging keystrokes, capturing screenshots, and gathering a user's visited websites.

Microsoft security software detects and removes this unwanted software.

This monitoring tool monitors what you do on your PC.

The tool can record what you type on PC (including your passwords), take screenshots, record the websites you visit, and track what programs you run and how you use your PC. It might send this information to a remote malicious hacker over email or an Internet (FTP) connection.

It might be installed on your PC intentionally by someone else.

Find out more about how and why we identify unwanted software.

MonitoringTool:Win32/FamilyKeyLogger is a commercial monitoring tool called "Family Keylogger". It can stealthily record your keystrokes and track applications you launch, emails you send, websites you visit and information you type into website forms.

This tool may be present and installed intentionally by a computer user.

Microsoft security software detects and removes this family of threats.

These threats can collect your sensitive information and send it to a malicious hacker.

Find out ways that malware can get on your PC.  

Worm:Win32/Autorun.AHK is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.

Microsoft security software detects and removes this unwanted software.

This monitoring tool monitors what you do on your PC.

The tool can capture your activity on your PC (such as the keys you press when typing in passwords) and might send this information to a hacker.

Find out more about how and why we identify unwanted software.

TrojanSpy:Win32/Banker.MM is a password stealing trojan that captures online banking credentials, such as account login names and passwords, which are then relayed to a remote attacker.

Worm:Win32/Slenping.Y is a worm that can spread via MSN Messenger, peer-to-peer (P2P) applications, and external USB drives. The worm also contains backdoor functionality that allows unauthorized access to an affected computer.

Worm:Win32/Hamweq.DC is a worm that spreads via removable drives, such as USB memory sticks. It contains an IRC-based backdoor, which may be used by a remote attacker to order the affected machine to participate in Distributed Denial of Service attacks, or to download and execute arbitrary files.

TrojanSpy:Win32/PerfectKeylogger.B is a trojan that can log keystrokes and mouse clicks, and capture screenshots of the computer in which it is installed. It then sends its gathered information to a remote attacker via e-mail or FTP.

PWS:Win32/OnLineGames.HJ is a trojan that attempts to steal and distribute logon credentials for the multiplayer online role playing game World of Warcraft.

Worm:Win32/Autorun.ZY is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.

Worm:Win32/Autorun.ZF is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.

TrojanSpy:Win32/Banker.RX is a member of Win32/Banker - a family of data-stealing trojans that captures online banking credentials, such as account login names and passwords, and relays the captured information to a remote attacker. Most Win32/Banker variants target customers of Brazilian banks, though some variants target customers of banks in other locations.

TrojanDownloader:Win32/Banload.UF is a member of Win32/Banload - a family of trojans that downloads other malware. Banload is usually used to download and install members of the Win32/Banker and Win32/Bancos families onto affected computers. Win32/Banker and Win32/Bancos are trojans that steal banking credentials and other sensitive data, and send it back to a remote attacker.

TrojanDownloader:Win32/Banload.UQ is a member of Win32/Banload - a family of trojans that downloads other malware. Banload is usually used to download and install members of the Win32/Banker and Win32/Bancos families onto affected computers. Win32/Banker and Win32/Bancos are trojans that steal banking credentials and other sensitive data, and send it back to a remote attacker.

TrojanDownloader:Win32/Banload.UY is a member of Win32/Banload - a family of trojans that downloads other malware. Banload is usually used to download and install members of the Win32/Banker and Win32/Bancos families onto affected computers. Win32/Banker and Win32/Bancos are trojans that steal banking credentials and other sensitive data, and send it back to a remote attacker.

TrojanDownloader:Win32/Banload.VG is a trojan that attempts to download arbitrary files from the website "35ix.com".

TrojanSpy:Win32/Bancos.AZZ is a member of Win32/Bancos - a family of data-stealing trojans that captures online banking credentials, such as account login names and passwords, and relays the captured information to a remote attacker. Most Win32/Bancos variants target customers of Brazilian banks, though some variants target customers of banks in other locations.

TrojanSpy:Win32/Banker.SW is a multi-component family of data stealing trojans. The trojan captures credentials used for online banking such as account logon names and passwords. The captured data is relayed to a remote attacker for financial gain.