TrueActive Monitor
TrueActive Monitor tracks all activities on a PC: Keystrokes (including the backspace or "delete" key), Internet use, file activity, e-mail, instant messaging and both sides of chat room conversations. TrueActive Monitor can take "screen
snapshots," including web pages visited on the PC, and can also monitor an employee's clipboard to track whether key data has been "copied and pasted."0
General information:
| Malware Name: |
TrueActive Monitor |
| Malware Type: |
Key Logger |
| Company Name: |
WinWhatWhere |
| Company URL: |
http://winwhatwhere.com/
|
| Threat Level: |
High Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
This company provides us software TrueActive Monitor that records every activity on the computer. It also records keystrokes, chat, IM, e-mail, screen shots etc. It also works standalone AOR networked computers. Also the data can be e-mailed from
our PC. TrueActive Monitor is free to download.
Spyware Description:
TrueActive Monitor tracks all activities on a PC: Keystrokes (including the backspace or "delete" key), Internet use, file activity, e-mail, instant messaging and both sides of chat room conversations. TrueActive Monitor can take "screen
snapshots," including web pages visited on the PC, and can also monitor an employee's clipboard to track whether key data has been "copied and pasted."0
Characteristics/Symptoms:
-> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0
Additional information might be found here:
Processes Running:
tamset.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Documents and Settings\All Users\Desktop\TrueActive Reports.lnk |
535 |
Shortcut |
| C:\Documents and Settings\All Users\Desktop\TrueActive Setup.lnk |
535 |
Shortcut |
| C:\Program Files\TAM\tamset.exe |
585728 |
Application |
Folder information Created after Installation:
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders |
C:\Documents and Settings\All Users\Application Data\TAM\0 |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders |
C:\Program Files\TAM\0 |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders |
[NULL]0 |
