Remote Helpdesk
Remote Helpdesk is a remote control that allows administrators to manage and control PCs or networks from a remote location. It can be used to control any PC on the network and to harm users on the same network.
General information:
| Malware Name: |
Remote Helpdesk |
| Malware Type: |
Remote Control |
| Company Name: |
gidsoftware.com |
| Company URL: |
http://www.gidsoftware.com/
|
| Threat Level: |
Low Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
gidsoftware.com provides you the software Remote Helpdesk that is a program that allows you to provide support to customers by pc remote control. The Server is a thin (430 Kb) program that doesn t require installation, your customers can start it
from a web server link, shortcut on a local file server or it can even be emailed to them. Even at 56k download speeds, this means you can typically start a remote control session within 30 seconds of your users downloading remhelp.exe and pressing
the start button.
Spyware Description:
Remote Helpdesk is a remote control that allows administrators to manage and control PCs or networks from a remote location. It can be used to control any PC on the network and to harm users on the same network.
Characteristics/Symptoms:
-> It can be used to control any PC on the network. -> It can be used to harm users on the same network. -> It is used to steal information from the remote computer.
Additional information might be found here:
Processes Running:
remhelpc.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Documents and Settings\[USER]\Application Data\RemoteHelpdesk\processes.dat |
57724 |
DAT File |
| C:\Documents and Settings\[USER]\Application Data\RemoteHelpdesk\sessions.dat |
156028 |
DAT File |
| C:\WINDOWS\Remote Helpdesk Uninstaller.exe |
150423 |
Application |
Folder information Created after Installation:
| Folder Location |
| C:\Documents and Settings\All Users\Start Menu\Programs\Remote Helpdes |
| C:\Documents and Settings\[USER]\Application Data\RemoteHelpdes |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_CURRENT_USER |
\Software\GID Software\Remote Helpdesk |
ListenIP_Login |
| HKEY_CURRENT_USER |
\Software\GID Software\Remote Helpdesk |
ListenIP_Pass |
| HKEY_CURRENT_USER |
\Software\GID Software\Remote Helpdesk |
ListenIP_Port |
