Spy Software is a client-server application that provides full control on a remote computer. Because is a client-server application before you use it you must make it comunicate with the Spy Software Server and for this you have the Button Connect. When you connect the client to the server be sure that the IP is the IP of the remote computer you want to connect to. After you enter the IP Address you can connect your client to the remote server. After the client receive the message Connected to ... the client waits for the message for authentification "Spy Software v2.1 server reply" and after that you are in.

The label Local represents the local path (i.e. the path that is used when you want to download something ; make sure after the path is a "\" - this must be there ).

The label Victim represents the remote path (i.e. the path that is used when you want to upload something ; make sure after the path is a "\" - this must be there ).

The checkbox Run After Upload is used when you upload something. If this is checked the file will be run on the remote computer after uploading.

The label Cmd makes posible sending custom commnad to server without using Command Form .An example for this is sending remove command there will remove the server (i.e. server will not run again after reboot but until reboot it will keep running).

Button File Manager shows File Manager Form that we will present after this.

There is also a Progress Bar that monitorize Upload and Download activities.

File Manager is one of the most important part of this Spy. In the left side you will see the remote drive arhitecture with folder icon for folders and file icon for other files.

The Button Dir shows the contains of the drive or path that is specified in the text box after the button (i.e. C:). If you want to refresh the list you can press this button again.To view the contains of a Folder you must double-click in the list on the folder and after that you can expand this folder from the + .

On the right side there are some buttons :

• Run - Works only if the selected part in the list is not a folder and runs the file on the remote computer.

• Download - Works only if the selected part in the list is not a folder and download the file from the remote computer to the specified Local path. If the local path doesn't exist the program will generate an error.

• SizeOf - Works only if the selected part in the list is not a folder and receive the size of the file on the remote computer.

• Delete - Works even if the selected part in the list is a folder and delete the file/folder on the remote computer. If this works with folders it will use the system1st.dll plugin.

• Get Log File - Download the Logger File from the remote computer to the specified Local Path .If the file doesn't exist the program will generate an error.

• Delete Log File - Delete the Logger File from the remote computer . If the file doesn't exist the program will generate an error.

By pressing C button from the main form the Commands form will be shown. Commnads are save in text file commands.ini (do not modify this file).By double-clicking on one of the Commnads list you send the commnad to the remote server. The Command list is an alphabetical one.You can add new commnads by pressing Add new button or you can edit or remove a commnad by pressing Edit button or Remove button. When you press the Add new button you will see a form in witch you must enter the name of the command (i.e. how the commnad is shown in the list)

and after you press Enter a new form must be completed with the commnad that will be passed to the server (i.e. the commnad run;c:\windows\notepad.exe will run NotePad on the remote computer ).

In the list of commnads are the most useful commnads:

• Add to Registry - add a specify key to registry .The folowing commnad adds C:\windows\NotePad.exe to registry key Software\Microsoft\Windows\CurrentVersion\Run - making NotePad to run erery time windows starts (addreg;Software\Microsoft\Windows\CurrentVersion\Run;Notepad;c:\windows\notepad.exe)
• Change Resolution - change screen resolution on the remote computer (exec;system1st.dll;rez;2;)
• Compress file - compress a specified file (exec;compress.dll;compres;1;c:\windows\notepad.exe)
• Delete Directory - delete a specified dir (exec;system1st.dll;deldir;;c:\temp)
• Delete File - delete a specified file (del;c:\temp.txt)
• Get Cache Passwords - gets windows cache passwords Win9x only! (pass)
• Get Screen Capture - make a screen capture of the remote computer (exec;capture.dll;screen;100;c:\x.jpg,1152)
• Get Size Of File - get the size of a specified file (len;c:\windows\explorer.exe)
• Get Windows Directory - retrive the windows directory (wdir)
• Kill Process - kills an windows process by handle (k;2884502) - the handle can be retrive with List Running Processes
• Kill Server - kills the server without removing it from the registry (kill)
• List Running Processes - retrive the list of running processes with the handle (list)
• Make new Directory - make a new directory (md;c:\temp)
• Reboot Computer - Reboot remote computer (reboot)
• Remove Directory - remove a specify empty directory (rd;c:\temp)
• Remove from Registry - remove a specify key from registry (delreg;Software\Microsoft\Windows\CurrentVersion\Run;description_key) - same sintax like add to registry
• Remove server - remove server from registry without closing the server (remove)
• Run Program - runs a specified program (run;c:\windows\notepad.exe)
• Show Message - Shows a message box with a specified caption and message (msg;Your system is runing out of memory . Please close some applications. ;Fatal error)
• Start Keylogger - starts keylogger (logg)
• Stop Keylogger - stop keylogger (unlogg)
• Uncompress File - uncompress a specified file on remote computer (exec;compress.dll;compres;2;c:\system.nfs)

History part is very useful when you have more than one computer to administrate. When you press H button from the main form the History form will be shown and in the Victim IP Address will apear the IP address that is in main form IP address. You must enter the Victim Name to identify the remote computer and after that by pressing Add button the informations will be save in a list . By double-clicking on one registration on the list the IP address will be put on the IP Field on the main form and after that you can connect to this IP.By pressing Del button the registrarion on the list will be deleted.

Just run swserv.exe on the remote computer and the server and the plugin files will be put in their windows directory.The server will start every time on the remote computer Windows is reloaded.