PC Prowler

It is a program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack.0

General information:

Malware Name: PC Prowler
Malware Type: Key Logger
Company Name: LogiGuard LLC
Company URL: http://www.pcprowler.com/
Threat Level: Elevated Risk
Operating System: WIN XP
Installation Type: Installed through EXE
Operation: Time of After Installation.

Company Description:

LogiGuard LLC offers premium internet security services. When we are on the internet, we need protection. With LogiGuard security products, we can surf, shop, and research without the fear of spyware, adware or any other malicious third party stealing our name, numbers, or passwords. Identity theft is a big issue nowadays and we can't afford to be without the absolute best protection on our PC or our network. LogiGuard can provide us with the latest in security news updates. Keep ourself in the know about the latest in virus and spyware definitions

Spyware Description:

It is a program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack.0

Characteristics/Symptoms:

    -> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0

Additional information might be found here:

google Search at Google for PC Prowler
bing Search at Bing for PC Prowler
yahoo Search at Yahoo for PC Prowler

Processes Running:

svchost.exe

File information Created after Installation:

File Location Size (Bytes) Type
C:\Program Files\MSWSPXP\!Executables\Release\svchost.exe 28672 Application
C:\Program Files\MSWSPXP\!Registry\settings.xml 2672 XML Document
C:\Program Files\MSWSPXP\!Resources\About.png 113048 PNG Image

Folder information Created after Installation:

Folder Location
C:\Program Files\MSWSPXP
C:\Program Files\MSWSPXP\!Executables

Registry information Created after Installation:

Main Registry Key Sub Registry Key Key Value Name
HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Prowler_is1 NoRepair
HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Prowler_is1 QuietUninstallString
HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Prowler_is1 UninstallString