NetObserve
Programs designed to monitor user activity. May be used with or without consent. Because it is sold commercially, many anti-virus vendors do not detect them. The most common form of a commercial monitoring tool comes in the form of a keystroke logger,
which intercepts keystrokes from the keyboard and records them in a log. This can then be sent to whoever installed the software, or keylogger, onto the machine. Some Commercial Monitoring Software may take screenshots or video and send the information
to an outbound connection.0
General information:
| Malware Name: |
NetObserve |
| Malware Type: |
Key Logger |
| Company Name: |
ExploreAnywhere |
| Company URL: |
http://www.exploreanywhere.com/
|
| Threat Level: |
|
| Operating System: |
|
| Installation Type: |
|
| Operation: |
|
Company Description:
Exploreanywhere Software, LLC is a privately held corporation located on the eastern seaboard of the United States in the small state of New Hampshire. Originally founded in Quarter 4 of 2001, ExploreAnywhere Software has grown from a small software
company to a highly recognizable company specializing in computer monitoring software for parents, corporations, and educational facilities. ExploreAnywhere Software filed for its incorporation within just four months of it's founding and continues
to grow and expand to this day thanks to our customers. Its computer monitoring and surveillance software has been professionally critiqued and publicized by many of the most prestigious news agencies in the world.
Spyware Description:
Programs designed to monitor user activity. May be used with or without consent. Because it is sold commercially, many anti-virus vendors do not detect them. The most common form of a commercial monitoring tool comes in the form of a keystroke logger,
which intercepts keystrokes from the keyboard and records them in a log. This can then be sent to whoever installed the software, or keylogger, onto the machine. Some Commercial Monitoring Software may take screenshots or video and send the information
to an outbound connection.0
Characteristics/Symptoms:
-> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0
Additional information might be found here:
Processes Running:
no32mon.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Documents and Settings\All Users\Start Menu\Programs\NETObserve 2.98 TRIAL\NETObserve Documentation.lnk |
658 |
Shortcut |
| C:\Documents and Settings\All Users\Start Menu\Programs\NETObserve 2.98 TRIAL\Readme.lnk |
670 |
Shortcut |
| C:\Documents and Settings\All Users\Start Menu\Programs\NETObserve 2.98 TRIAL\Remove NETObserve 2.98 TRIAL.lnk |
531 |
Shortcut |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\ExploreAnywhere |
| C:\Program Files\ExploreAnywhere\NETObserve |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_CURRENT_USER |
\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\NETObserve 2.98 TRIAL |
Order |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstallNETObserve 2.98 TRIAL |
DisplayName |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NETObserve 2.98 TRIAL |
UninstallString |
