@TheOffice Remote Access

@TheOffice Remote Access is a remote administration tool that can remotely control the user's PC.0

General information:

Malware Name:@TheOffice Remote Access
Malware Type:Remote Control
Company Name:Trispen Technologies
Company URL:http://www.trispen.com/
Threat Level:Moderate Risk
Operating System:WIN XP
Installation Type:Installed through EXE
Operation:Time of After Installation

Company Description:

Trispen's @TheOffice provides Secure Remote Access and Office Connectivity by letting virtually plug into Office Network from anywhere in the world. Any PC with Internet Access can potentially be used as if it is directly connected to Office LAN! Trispen's @TheOffice uses a set of industry-standard and secure technologies to establish connections from Client PCs on the road to a Gateway PC on office LAN.

Spyware Description:

@TheOffice Remote Access is a remote administration tool that can remotely control the user's PC.0

Characteristics/Symptoms:

    -> It is a network application that allows to manage and control PCs or networks from a remote location. -> It allows to access another computer without explicit authorization. -> It can also be used to monitor and steal information from the remote computer -> Slows down the performance of PC0

Additional information might be found here:

googleSearch at Google for @TheOffice Remote Access
bingSearch at Bing for @TheOffice Remote Access
yahooSearch at Yahoo for @TheOffice Remote Access

Processes Running:

clientlite.exe

File information Created after Installation:

File LocationSize (Bytes)Type
C:\Documents and Settings\All Users\Start Menu\Programs\@TheOffice Client\Manage Profiles.lnk1607Shortcut
C:\Program Files\Trispen\@TheOffice\Driver\sshvnic3.sys7136System file
C:\WINDOWS\system32\lite_va_install.exe45056Application

Folder information Created after Installation:

Folder Location
C:\Program Files\Trispen
C:\Program Files\Trispen\@TheOffice

Registry information Created after Installation:

Main Registry KeySub Registry KeyKey Value Name
HKEY_LOCAL_MACHINESOFTWARETrispenRoamerLiteSupportContact
HKEY_LOCAL_MACHINESOFTWARETrispenRoamerLiteType
HKEY_LOCAL_MACHINESOFTWARETrispenRoamerLiteUserName