SpyBuddy
Secretly monitor PC. Record keystrokes, chats, websites, passwords, windows, and more. It includes severe risk threats that are typically installed without user interaction through security exploits, and may allow an attacker to remotely control the
infected machine. Such threats may allow the attacker to install additional malware and use the compromised machine to participate in denial of service attacks, spamming, and bot nets, or to transmit sensitive data to a remote server. The malware
may be cloaked and not visible to the user. These threats severely compromise the system by lowering security settings, installing âbackdoors,â infecting system files, or spreading to other networked machines0
General information:
| Malware Name: |
SpyBuddy |
| Malware Type: |
Key Logger |
| Company Name: |
ExploreAnywhere |
| Company URL: |
http://www.exploreanywhere.com/
|
| Threat Level: |
Severe Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation. |
Company Description:
Exploreanywhere Software, LLC is a privately held corporation located on the eastern seaboard of the United States in the small state of New Hampshire. Originally founded in Quarter 4 of 2001, ExploreAnywhere Software has grown from a small software
company to a highly recognizable company specializing in computer monitoring software for parents, corporations, and educational facilities. Its computer monitoring and surveillance software has been professionally critiqued and publicized by many
of the most prestigious news agencies in the world. Its software products have been featured in publications such as Fortune Small Business, PC Magazine, Computer User Magazine, and USA Today - as well as the BBC World News, CNN, Tech TV, and the
Kim Komando show. Our software has also been recommended and written about in many computer security and privacy books
Spyware Description:
Secretly monitor PC. Record keystrokes, chats, websites, passwords, windows, and more. It includes severe risk threats that are typically installed without user interaction through security exploits, and may allow an attacker to remotely control the
infected machine. Such threats may allow the attacker to install additional malware and use the compromised machine to participate in denial of service attacks, spamming, and bot nets, or to transmit sensitive data to a remote server. The malware
may be cloaked and not visible to the user. These threats severely compromise the system by lowering security settings, installing âbackdoors,â infecting system files, or spreading to other networked machines0
Characteristics/Symptoms:
-> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0
Additional information might be found here:
Processes Running:
sb32mon.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\ExploreAnywhere\SpyBuddy\help\convolog.htm |
2592 |
HTM File |
| C:\Program Files\ExploreAnywhere\SpyBuddy\help\cp_removal.htm |
3121 |
HTM File |
| C:\Program Files\ExploreAnywhere\SpyBuddy\help\disableboot.htm |
3193 |
HTM File |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\ExploreAnywhere\SpyBuddy |
| C:\Program Files\ExploreAnywhere\SpyBuddy\help |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstallSpyBuddy |
DisplayName |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyBuddy |
UninstallString |
