PowerSpy
|
Description:
|
Spyware
|
|
Risk Level:
|
Medium
|
|
Date of First Occurence:
|
Tuesday, July 08, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
PowerSpy is a spyware program that gathers confidential information from the computer and can send this information to a configurable email address.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
REMOVER SPYWARE »
Geographical Distribution of Threat "PowerSpy"
Threat Info
View All
Detected Items
- Detected Files:
%SYSDIR%\WINDLL32.EXE
MD5: 045B703C46EED12A2106C16B2EFE0DE8 Size:868352
%SYSDIR%\windll32.exe
MD5: 77979A217C10D1A373167D5093382861 Size:20480
%SYSDIR%\regsvcdll.exe
MD5: FFBA479C9B435445E65ED1F6605CFA2F Size:32768
MD5: 96E0D9C62A380B3EB12C3FA9A6DDBFFD Size:90112
MD5: 4CFF0EB72082E7A3BF5FA69EB206CA7D Size:32768
%PROGRAMFILES%\Power Spy\data\symserv.exe
MD5: 307BDABD4D316921C156A2AE7B5274FE Size:102912
%PROGRAMFILES%\Power Spy\data\eventwin.exe
MD5: 4473A6DCFB87DED5897B41B1BC9521EE Size:131072
%PROGRAMFILES%\Power Spy\unins000.exe
MD5: BF15CE70E055955FAFD81A18EC1C0771 Size:77257
%PROGRAMFILES%\Power Spy\PCJB.exe
MD5: 25E7A0F686FD8B87BD5F557D8DBACA5E Size:483328
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%ProgramFiles%\Power Spy\PCJB.exe
%ProgramFiles%\Power Spy\unins000.dat
%ProgramFiles%\Power Spy\unins000.exe
%sysdir%\windll32.exe
%sysdir%\regsvcdll.exe
- Files by Directories
%ProgramFiles%\Power Spy
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=regsvcdll
«
Go to Software Database
