Proactive System Password Recovery
Proactive System Password Recovery is a password recovery tool that may be used to gain unauthorized access to a computer and to a user s data. It is harmful if installed without the knowledge of the user.
General information:
| Malware Name: |
Proactive System Password Recovery |
| Malware Type: |
Password Recovery Tool |
| Company Name: |
ElcomSoft Co. Ltd |
| Company URL: |
http://elcomsoft.com/
|
| Threat Level: |
Low Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
ElcomSoft Co. Ltd provides you the software Proactive System Password Recovery that is a program to recover most types of Windows passwords : logon password (when user is logged on and has Admin privileges), screensaver password, .NET Passport password,
RAS and dial-up passwords, passwords to shared resources, SYSKEY startup password, passwords stored in cached credentials etc. The program also shows all users and groups (with their properties), allows to run any programs in other user s context,
show password history hashes, read password hashes from SAM and SYSTEM files, read Protected Storage records, decrypt Windows scripts, reveal passwords hidden under the asterisks, enable disabled controls, and run brute-force and dictionary attacks
on PWL files (Windows 9x).
Spyware Description:
Proactive System Password Recovery is a password recovery tool that may be used to gain unauthorized access to a computer and to a user s data. It is harmful if installed without the knowledge of the user.
Characteristics/Symptoms:
-> It may be used to gain unauthorized access to a computer and to a user s data. -> It is harmful if installed without the knowledge of the user.
Additional information might be found here:
Processes Running:
pspr.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Documents and Settings\[USER]\Start Menu\Programs\Proactive System Password Recovery\How to order.lnk |
663 |
Shortcut |
| C:\Program Files\ElcomSoft\PSPR\order_lang.xml |
11789 |
XML Document |
| C:\Program Files\ElcomSoft\PSPR\russian.lng |
93916 |
LNG File |
Folder information Created after Installation:
| Folder Location |
| C:\Documents and Settings\[USER]\Start Menu\Programs\Proactive System Password Recover |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_CURRENT_USER |
\Software\Elcom\Advanced Windows Password Recovery |
|
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Elcom\Advanced Windows Password Recovery |
|
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Elcom\Advanced Windows Password Recovery\Options |
|
