AdvancedRemoteInfo
AdvancedRemoteInfo is a remote control that captures screenshots of the remote desktop, remote shutdown, and batch operations to process multiple machines. It can be used to gather information about a remote Windows PC on the network. AdvancedRemoteInfo
is a remote control that captures screenshots of the remote desktop, remote shutdown, and batch operations to process multiple machines. It can be used to gather information about a remote Windows PC on the network.0
General information:
| Malware Name: |
AdvancedRemoteInfo |
| Malware Type: |
Remote Control |
| Company Name: |
Matthias Zirngibl |
| Company URL: |
http://masterbootrecord.de/
|
| Threat Level: |
Moderate Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
Matthias Zirngibl provides you the software AdvancedRemoteInfo that allows you to gather information about a remote Windows PC on the network. It includes information about hardware, installed software, network configuration, shares and printers,
users, and much more. It also offers screenshot capture of the remote desktop, remote shutdown, and batch operations to process multiple machines. The information can be exported to Excel, delimited, or HTML format.
Spyware Description:
AdvancedRemoteInfo is a remote control that captures screenshots of the remote desktop, remote shutdown, and batch operations to process multiple machines. It can be used to gather information about a remote Windows PC on the network. AdvancedRemoteInfo
is a remote control that captures screenshots of the remote desktop, remote shutdown, and batch operations to process multiple machines. It can be used to gather information about a remote Windows PC on the network.0
Characteristics/Symptoms:
-> It captures screenshots of the remote desktop, remote shutdown, and batch operations to process multiple machines. -> It can be used to gather information about a remote Windows PC on the network.
Additional information might be found here:
Processes Running:
ARI.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\AdvancedRemoteInfo\nmap\ari_nmap.cmd |
532 |
Windows NT Command Script |
| C:\Program Files\AdvancedRemoteInfo\unins000.exe |
673613 |
Application |
| C:\Program Files\AdvancedRemoteInfo\wget.exe |
72704 |
Application |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\AdvancedRemoteInfo |
| C:\Program Files\AdvancedRemoteInfo\nmap |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_CURRENT_USER |
\Software\ARI |
Height0 |
| HKEY_CURRENT_USER |
\Software\ARI |
HeightMonitoring0 |
| HKEY_CURRENT_USER |
\Software\ARI |
[NULL]0 |
