Proactive Password Auditor
PPAuditor (Proactive Password Auditor) is a program that will recover passwords based on their hashes. The program will perform a range of password recovery methods on password hash values. It includes medium risk threats that are often bundled with
functionally unrelated software or installed without adequate notice and consent, and may display unwanted advertising on the user's desktop. Such threats may track users' online browsing habits and transmit non-personally identifying data
back to a server in order to target advertising. These threats may be configured to start automatically with the operating system, use an auto-updater that the user cannot control, or install other functionally separate programs without adequate
notice and consent.0
General information:
| Malware Name: |
Proactive Password Auditor |
| Malware Type: |
Adware |
| Company Name: |
ElcomSoft Co. Ltd |
| Company URL: |
http://www.elcomsoft.com/
|
| Threat Level: |
Low Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
Established in 1990, ElcomSoft Co. Ltd (referred hereafter as ElcomSoft) is a privately owned software company headquartered in Moscow, Russia, specialising in Windows productivity and utility applications for businesses and end users. ElcomSoft's
award-winning password file protection retrieval software uses powerful algorithms, which are constantly under development. This means that the enormous permutations involved in retrieving a password from a protected file allows businesses and end
users to continue using their valuable data. ElcomSoft is a member of the Russian Cryptology Association (RCA), Computer Security Institute, a lifetime member of the Association of Shareware Professionals (ASP) and Microsoft Partner Program.
Spyware Description:
PPAuditor (Proactive Password Auditor) is a program that will recover passwords based on their hashes. The program will perform a range of password recovery methods on password hash values. It includes medium risk threats that are often bundled with
functionally unrelated software or installed without adequate notice and consent, and may display unwanted advertising on the user's desktop. Such threats may track users' online browsing habits and transmit non-personally identifying data
back to a server in order to target advertising. These threats may be configured to start automatically with the operating system, use an auto-updater that the user cannot control, or install other functionally separate programs without adequate notice
and consent.0
Characteristics/Symptoms:
-> Displays third-party advertising on the computer -> Tracks browsing habits -> Degrade the performance and stability of the computer. -> Bundled with other adware0
Additional information might be found here:
Processes Running:
ppa.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Documents and Settings\[USER]\Start Menu\Programs\Proactive Password Auditor\Readme.lnk |
661 |
Shortcut |
| C:\Program Files\ElcomSoft\PPA\english.xml |
47897 |
XML Document |
| C:\Program Files\ElcomSoft\PPA\russian.xml |
49708 |
XML Document |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\ElcomSoft\PPA |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_CURRENT_USER |
\Software\ElcomSoft\Proactive Password Auditor\Credentials |
Quantity |
| HKEY_CURRENT_USER |
\Software\ElcomSoft\Proactive Password Auditor\Last settings |
Challenge |
| HKEY_CURRENT_USER |
\Software\ElcomSoft\Proactive Password Auditor\Last settings |
Remote computer name |
