Threat Explorer

The Threat Explorer is a comprehensive resource consumers can turn to for daily, accurate, up-to-date information on the latest threats, risks and vulnerabilities.

Ariskkey

Ariskkey

Updated:
12 February 2007
Name:
Asterisk Key
Version:
6.5
Publisher:
Passware
Risk Impact:
Low
Systems Affected:
Windows

Behavior

Ariskkey is a program designed to recover passwords that have been saved and are hidden by asterisks. This program can be a security risk since it can be used to recover passwords that were thought to be hidden.

Note: Definitions prior to February 9th, 2007 may detect this threat as Hacktool.Ariskkey.

Antivirus Protection Dates

  • Initial Rapid Release version 02 October 2014 revision 022
  • Latest Rapid Release version 07 May 2019 revision 006
  • Initial Daily Certified version 11 November 2004
  • Latest Daily Certified version 07 May 2019 revision 008
  • Initial Weekly Certified release date 17 November 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
When the program is executed, it creates the following files:
  • %ProgramFiles%\Passware\ariskkey.exe (detected as Ariskkey)
  • %ProgramFiles%\Passware\ariskkey.dll (detected as Ariskkey)
  • %ProgramFiles%\Passware\ariuninst.exe
  • %ProgramFiles%\Passware\maildll.dll
  • %ProgramFiles%\Passware\pk.chm
The program then creates the following registry subkey:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Asterisk Key

The program can then be used to steal password information from the computer.
The following instructions pertain to all Symantec antivirus products that support Security Risk detection.
  1. Update the definitions.
  2. Uninstall the security risk.
  3. Run a full system scan.
1. To update the definitions:
To obtain the most recent definitions, start your Symantec program and run LiveUpdate.

2. To uninstall the security risk
This security risk includes an uninstallation applet. In order to uninstall this security risk, complete the following instructions:
  1. Click Start > Settings > Control Panel or Start > Control Panel (this varies with the operating system).

  2. In the Control Panel window, double-click Add/Remove Programs.

    Windows Me only: If you do not see the Add/Remove Programs icon, click ...view all Control Panel options.

  3. Click Asterisk Key.

    Note: You may need to use the scroll bar to view the whole list.

  4. Click Add/Remove, Change/Remove, or Remove (this varies with the operating system). Follow the prompts.

    Note: After running the Add/Remove programs applet, all the files may have been removed. You will want to run a full system scan to ensure that this is the case. However, it is possible that no files will be detected after using Add/Remove programs.
3. To run the scan

Start your Symantec antivirus program, and then run a full system scan.

Note: If you ran the Add/Remove programs applet as described in the previous section, all the files may have been removed, and thus none of them will be detected.