Net Monitor for Employees

It is a RAT tool; hat allows a 'view' of a computer monitor of a remote computer, which is connected to the network. This way user can observe what is happening on the other computer. It displays a live picture of a remote computer, more remote screens can be displayed in a table, remote screen can be zoomed to an actual size, the name of the connected user is displayed, connection to a remote computer is password protected, and more monitoring consoles can be connected to the same remote computer. A Commercial Remote Control Tool is a network application that allows administrators to manage and control PCs or networks from a remote location. Typically used in an enterprise environment, Commercial Remote Control Tools have legitimate uses for I.T. administration and are not harmful unless installed and used without the knowledge of the computer user or network administrator.0

General information:

Malware Name:	Net Monitor for Employees
Malware Type:	Remote Control
Company Name:	EduIQ.com
Company URL:	http://networklookout.com/
Threat Level:	Elevated Risk
Operating System:	WIN XP
Installation Type:	Installed through EXE
Operation:	Time of After Installation.

Company Description:

EduIQ.com produce software for monitoring remote computers screens. One of its software is Net Monitor for Employees. Net Monitor for Employees Professional allows us to see screens of computers connected to the network. This way we can observe what our employees are doing! Additionally, we have the ability to take control of a remote computer by controlling the mouse and keyboard. We can also send a message to remote computer and/or lock the remote computer.

Spyware Description:

It is a RAT tool; hat allows a 'view' of a computer monitor of a remote computer, which is connected to the network. This way user can observe what is happening on the other computer. It displays a live picture of a remote computer, more remote screens can be displayed in a table, remote screen can be zoomed to an actual size, the name of the connected user is displayed, connection to a remote computer is password protected, and more monitoring consoles can be connected to the same remote computer. A Commercial Remote Control Tool is a network application that allows administrators to manage and control PCs or networks from a remote location. Typically used in an enterprise environment, Commercial Remote Control Tools have legitimate uses for I.T. administration and are not harmful unless installed and used without the knowledge of the computer user or network administrator.0

Characteristics/Symptoms:

    -> It is a network application that allows to manage and control PCs or networks from a remote location. -> It allows to access another computer without explicit authorization. -> It can also be used to monitor and steal information from the remote computer -> Slows down the performance of PC0

Additional information might be found here:

	Search at Google for Net Monitor for Employees
	Search at Bing for Net Monitor for Employees
	Search at Yahoo for Net Monitor for Employees

Processes Running:

NLSupervisorPro.exe

File information Created after Installation:

File Location	Size (Bytes)	Type
C:\Documents and Settings\All Users\Start Menu\Programs\Network LookOut\Net Monitor for Employees Professional\NetworkLookOut.com.lnk	804	Shortcut
C:\Documents and Settings\All Users\Start Menu\Programs\Network LookOut\Net Monitor for Employees Professional\Uninstall.lnk	828	Shortcut
C:\Program Files\Network LookOut\Net Monitor for Employees Professional\ebuynow.url	104	Internet Shortcut

Folder information Created after Installation:

Folder Location
C:\Program Files\Network LookOut\Net Monitor for Employees Professional
C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin

Registry information Created after Installation: