Spyware
Spyware is a program that captures and logs keystrokes on the computer without the user's knowledge and consent. The logged data may be encrypted and is typically sent to a remote attacker.0
General information:
| Malware Name: |
Spyware |
| Malware Type: |
Key Logger |
| Company Name: |
EffeTech |
| Company URL: |
http://effetech.com/
|
| Threat Level: |
Elevated Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation. |
Company Description:
EffeTech is a leading network security provider, who is dedicated to explore and implement a variety of network security and network management techniques. EffeTech is the abbreviation for Effective Technologies, which is also its goal. The Company's
products are currently licensed in more than 100 countries. EffeTech's clientele includes large corporations, government education entities and individual users worldwide. Its expertise is focused on developing network management solutions for
web surfing auditing, network administration, TCP/IP applications for LANs and intranets, tools for instant messengers and http server development. EffeTech develops a series of award winning, powerful network sniffer and network security software
for parents, network administrators, managers, and network program developers. The purpose of this groundbreaking software is to analyze and report network traffic as well as advanced information inside packets, such as url of http, password, chat
conversations, and etc. All EffeTech sniffer software is compatible with Win9x, ME, NT4, 2000 and XP.
Spyware Description:
Spyware is a program that captures and logs keystrokes on the computer without the user's knowledge and consent. The logged data may be encrypted and is typically sent to a remote attacker.0
Characteristics/Symptoms:
-> Intercepts keystrokes from the keyboard and records them in a log -> Monitor and capture data from computers -> Starts with the operating system -> Run in stealth mode0
Additional information might be found here:
Processes Running:
APS.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Documents and Settings\All Users\Start Menu\Programs\Ace Password Sniffer\Ace Password Sniffer.lnk |
1421 |
Shortcut |
| C:\Program Files\Ace Password Sniffer\UNWISE.EXE |
165376 |
Application |
| C:\Program Files\Ace Password Sniffer\readme.txt |
1733 |
Text Document |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\Ace Password Sniffer |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ace Password Sniffer v1.2 |
Publisher |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ace Password Sniffer v1.2 |
URLInfoAbout |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ace Password Sniffer v1.2 |
UninstallString |
