EMCO Remote Shutdown
EMCO Remote ShutDown Professional, Allows a USER to Shutdown/Reboot/PowerOff/LogOff one or many computers. It is a Commercial Remote Control Tool is a network application that allows administrators to manage and control PCs or networks from a remote
location. Typically used in an enterprise environment, Commercial Remote Control Tools have legitimate uses for I.T. administration and are not harmful unless installed and used without the knowledge of the computer user or network administrator.0
General information:
| Malware Name: |
EMCO Remote Shutdown |
| Malware Type: |
Remote Control |
| Company Name: |
EMCO Software Ltd. |
| Company URL: |
http://www.emco.is/
|
| Threat Level: |
Low Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
EMCO Software Ltd. is a brand name in the development of Network Management and Inventory tools that have user friendly interface- that reduces the learning curve, powerful-with integrated Network Management and Inventory tasks and highly reliable.
After a proper design and implementation under the supervision of highly talented designers and analysts, our products are passed through a regress testing process that guaranties the reliability of our products.
Spyware Description:
EMCO Remote ShutDown Professional, Allows a USER to Shutdown/Reboot/PowerOff/LogOff one or many computers. It is a Commercial Remote Control Tool is a network application that allows administrators to manage and control PCs or networks from a remote
location. Typically used in an enterprise environment, Commercial Remote Control Tools have legitimate uses for I.T. administration and are not harmful unless installed and used without the knowledge of the computer user or network administrator.0
Characteristics/Symptoms:
-> It is a network application that allows to manage and control PCs or networks from a remote location. -> It allows to access another computer without explicit authorization. -> It can also be used to monitor and steal information
from the remote computer -> Slows down the performance of PC0
Additional information might be found here:
Processes Running:
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\EMCO Remote Shutdown Professional\Data\machinequeue.DAT |
4735 |
DAT File |
| C:\Program Files\EMCO Remote Shutdown Professional\Data\status.DAT |
4735 |
DAT File |
| C:\Program Files\EMCO Remote Shutdown Professional\Data\status.IDX |
8192 |
IDX File |
Folder information Created after Installation:
| Folder Location |
| C:\Documents and Settings\All Users\Start Menu\Programs\EMCO Remote Shutdown Professional |
| C:\Program Files\EMCO Remote Shutdown Professional\Data |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstallEMCO Remote Shutdown Professional_is1 |
DisplayName |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstallEMCO Remote Shutdown Professional_is1 |
HelpLink |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstallEMCO Remote Shutdown Professional_is1 |
Inno Setup: App Path |
