Content
KeyLog-Powered
- Type
- Program
- SubType
- Keylogger
- Discovery Date
- 03/21/2006
- Minimum DAT
- 4723 (03/21/2006)
- Updated DAT
- 5739 (09/12/2009)
- Minimum Engine
- 5.1.00
- Description Added
- 03/21/2006
- Description Modified
- 03/22/2006 6:39 AM (PT)
Tab Navigation
Characteristics
McAfee(R) AVERT™ recognizes that this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application. If you agreed to a license agreement for this, or another bundled application, you may have legal obligations with regard to removing this software, or using the host application without this software. Please contact the software vendor for further information.
See http://vil.nai.com/vil/DATReadme.asp for a list of Program detections added to the DATs.
See http://vil.nai.com/vil/pups/configuration.htm for information about how to enable, disable, and exclude detection of legitimately installed programs.
Summary:
This is not a virus or Trojan. It is detected as potentially unwanted program. The application is designed to capture the following information.
- Typed Keystrokes
- Mouse Clicks
- Passwords
- Email activity
- Screenshots
- Visited websites
The application also gives an option to configure email settings, so that all the recorded logs can be sent to the specified email id.
Privacy:
No license agreement is displayed during installation, although one could be displayed by another installer if bundled with another application. No Privacy policy related to the software could be found.
Installation:
File name: 5b2fadf7.exe
MD5Hash: 6f8fabc8980415ac807ababa612a5d4d
At the time of installation the user is given the option to install the application in stealth or visible mode.
Following folders are added:
- %Windows%\Keyloggerelpow_spy (If installed in stealth mode)
- %Windows%\Keylogger (If installed in visible mode)
Following file is added in the added folder:
- elpow_log.exe
Some start menu items are added, if installed in the visible mode.
If the application is installed in the stealth mode and “elpow_log.exe” is executed, it opens an interface showing the logs and other settings (shown below) and the added folder gets disappeared which can be seen again by restarting the system.
The above GUI can also be seen in the visible mode by added start menu items but in this case the added folder will not get disappeared.
Aliases
Aliases
- Spyware.ElpowKeylogger- Symantec