Power Spy
Power Spy is a keylogger which logs keystrokes of the user's PC invisibly in the background. It also includes Elevated threats that are typically installed without adequate notice and consent, and may make unwanted changes to system, such as reconfiguring
browserâs homepage and search settings. These threats may install advertising-related add-ons, including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain. These new add-ons
and components may block or redirect preferred network connections, and can negatively impact computerâs performance and stability.0
General information:
| Malware Name: |
Power Spy |
| Malware Type: |
Key Logger |
| Company Name: |
eMatrix |
| Company URL: |
http://www.ematrixsoft.com/
|
| Threat Level: |
Elevated Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation. |
Company Description:
eMatrix provides software for security and monitoring our PC. One of its monitoring software is Power Spy. Power Spy records: all keystrokes, windows opened, clipboard activaties, passwords typed and applications executed; all Skype, MSN Messenger,
ICQ, AIM, Yahoo! Messenger and Windows Messenger's conversation text; all websites visited in MS Internet Explorer, Mozilla Firefox, Netscape Commnicator, Netscape Browser, AOL Explorer, Avant Browser, Maxthon, NetCaptor and SlimBrowser; all emails
read in Microsoft Outlook 97/2000/XP/2003 and Microsoft Outlook Express 5/6; all documents opened in MS Word and Notepad. It even takes screen snapshots at your set interval like a surveillance camera.
Spyware Description:
Power Spy is a keylogger which logs keystrokes of the user's PC invisibly in the background. It also includes Elevated threats that are typically installed without adequate notice and consent, and may make unwanted changes to system, such as reconfiguring
browserâs homepage and search settings. These threats may install advertising-related add-ons, including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain. These new add-ons
and components may block or redirect preferred network connections, and can negatively impact computerâs performance and stability.0
Characteristics/Symptoms:
-> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0
Additional information might be found here:
Processes Running:
wincp.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\Power Spy\ unins000.dat |
13 |
DAT File |
| C:\Program Files\Power Spy\ wincp.exe |
458 |
Application |
| C:\Program Files\Power Spy\help.chm |
31 |
Compiled HTML Help file |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\Power Spy |
| C:\Program Files\Power Spy\common |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
