SaveMyWork
SaveMyWork is an application that logs all user keystrokes. It can be configured to run on Startup. It includes high risk threats that are typically installed without user interaction through security exploits, and can severely compromise system security.
Such threats may open illicit network connections, use polymorphic tactics to self-mutate, disable security software, modify system files, and install additional malware.0
General information:
| Malware Name: |
SaveMyWork |
| Malware Type: |
Spyware |
| Company Name: |
e-systems.ro |
| Company URL: |
http://www.e-systems.ro/
|
| Threat Level: |
High Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation. |
Company Description:
Its website is a collection of useful things, like software utilities, particularly windows utilities. All its currently listed programs are full freeware that it offers to its visitors. It also provides a comprehensive listing of various dll files,
in order to allow its visitors to get more information about such files. Getting back to its software utilities - all its software listed on this site is full freeware and not limited in any way - all non-expiring software products. It provides mostly
windows utilities software.
Spyware Description:
SaveMyWork is an application that logs all user keystrokes. It can be configured to run on Startup. It includes high risk threats that are typically installed without user interaction through security exploits, and can severely compromise system security.
Such threats may open illicit network connections, use polymorphic tactics to self-mutate, disable security software, modify system files, and install additional malware.0
Characteristics/Symptoms:
-> Ability to scan systems -> Monitor activity -> Relay information to another computer or locations in cyber-space -> Negatively affect the performance and stability of the system0
Additional information might be found here:
Processes Running:
SaveMyWork.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\Emsa Save My Work\Emsa Systems Website.url |
50 |
Internet Shortcut |
| C:\Program Files\Emsa Save My Work\SaveMyWork.exe |
487424 |
Application |
| C:\Program Files\Emsa Save My Work\license.txt |
10707 |
Text Document |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\Emsa Save My Work |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Emsa Save My Work_is1 |
URLInfoAbout |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Emsa Save My Work_is1 |
URLUpdateInfo |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Emsa Save My Work_is1 |
UninstallString |
