written by: Lashan Clarke•edited by: Bill Bunter•updated: 5/5/2010
This article will go over the various types of files that can be used as a keylogger. They include anything from an .exe, .dll, .scr, and .pif file extensions
slide 1 of 1
The types of files used as a keylogger can vary. They can be common .exe files – this is the most common type of file that is transmitted as a keylogger. It is easy to execute when installed on a computer system. The keylogger file can also be a .dll file. A .dll file is more advanced, and will require the hacker to place an entry within the registry. This will load the file as the computer boots up. Any of the file types can cause a “backdoor" to be opened on a computer system. This will then give anyone access to any personal information that being stored.
Another file type that is not as common, and much harder to detect is the .scr file extension. This file extension is used to execute screensavers, and when it has launched an executable file, it can be changed by hackers and used to run a program that monitors the activities of computer users. The use of the .scr file has many dangerous connotations, as most people will have a screensaver running on their computer systems. There is also a trend for people to search for and download their favorite screensaver files – this is why it is best, especially in the case of small business security, to not download files from unknown sources.
A fourth file type that is also used to cause a keylogger to enter your system is the .pif file extension. This type of file is known as a Windows Program Information File, and it was created by Microsoft Windows to execute the code that was contained within the file. This file type is quite outdated, and these files should not be clicked on if you receive them as an attachment.
These files types can transmit your information back to the hacker in two ways; by either using an email account that sends the data back to them, or using a screen capture utility that will record all of your activities. Most often a keylogger will generate a log, and send this information back to the hacker. Since this “backdoor" has been created, the attacker can read the report to look for any loopholes in your system’s security, and then run a script to do even more damage.