Actimon
Actimon is a keylogger which logs keystrokes of the user's PC invisibly in the background. Its features: record keystrokes, take screenshots at set interval of time, record all websites visited by the user, work under hidden mode. It also includes
elevated threats that are typically installed without adequate notice and consent, and may make unwanted changes to system, such as reconfiguring browserâs homepage and search settings. These threats may install advertising-related add-ons,
including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain. These new add-ons and components may block or redirect preferred network connections, and can negatively impact computerâs
performance and stability.0
General information:
| Malware Name: |
Actimon |
| Malware Type: |
Key Logger |
| Company Name: |
Actimon |
| Company URL: |
http://www.jthesing.com/actimon/
|
| Threat Level: |
Elevated Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation. |
Company Description:
Actimon (activity monitor) is a desktop monitoring tool that logs screen shots, key presses, URL of visited sites and program use. You can monitor activities on computers in a network and even via Internet. It is a keylogger which logs keystrokes
of the user's PC invisibly in the background. Its features: record keystrokes, take screenshots at set interval of time, record all websites visited by the user, work under hidden mode.
Spyware Description:
Actimon is a keylogger which logs keystrokes of the user's PC invisibly in the background. Its features: record keystrokes, take screenshots at set interval of time, record all websites visited by the user, work under hidden mode. It also includes
elevated threats that are typically installed without adequate notice and consent, and may make unwanted changes to system, such as reconfiguring browserâs homepage and search settings. These threats may install advertising-related add-ons,
including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain. These new add-ons and components may block or redirect preferred network connections, and can negatively impact computerâs
performance and stability.0
Characteristics/Symptoms:
-> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0
Additional information might be found here:
Processes Running:
ftviewer.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Documents and Settings\All Users\Start Menu\Programs\Actimon\Uninstall Actimon monitoring program.lnk |
407 |
Shortcut |
| C:\Documents and Settings\All Users\Start Menu\Programs\Actimon\Viewer.lnk |
407 |
Shortcut |
| C:\actimon\_setup.exe |
67072 |
Application |
Folder information Created after Installation:
| Folder Location |
| C:\actimon |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstallActimon monitoring program_is1 |
Inno Setup: Setup Version |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstallActimon monitoring program_is1 |
Inno Setup: User |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Actimon monitoring program_is1 |
UninstallString |
