WinShadow
WinShadow is a remote control tool remotely controls your keyboard and mouse, view multiple clients, and launch remote applications. It fully controls remote desktop of PC or server.
General information:
| Malware Name: |
WinShadow |
| Malware Type: |
Remote Control Tool |
| Company Name: |
OmniCom Technologies, Inc |
| Company URL: |
http://omnicomtech.com/
|
| Threat Level: |
Low Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
OmniCom Technologies, Inc provides you the software WinShadow that is ideal software for remote and mobile users, troubleshooting and helpdesk support allowing full control of remote desktop of PC or server including screen, keyboard, and mouse. It
is a remote desktop tool for the Internet and private local and wide area networks. It features Remote desktop display, remote control of keyboard and mouse, view multiple clients, launch remote applications, file and clipboard transfer, keyboard/mouse
input dialer, and full-screen capability.
Spyware Description:
WinShadow is a remote control tool remotely controls your keyboard and mouse, view multiple clients, and launch remote applications. It fully controls remote desktop of PC or server.
Characteristics/Symptoms:
-> It remotely controls your keyboard and mouse, view multiple clients, and launch remote applications. -> It fully controls remote desktop of PC or server.
Additional information might be found here:
Processes Running:
shwSrvc.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\OmniCom\winShadow\shwMirror.inf |
2648 |
Setup Information |
| C:\Program Files\OmniCom\winShadow\shwMirror.sys |
3584 |
System file |
| C:\Program Files\OmniCom\winShadow\shwNameExt.dll |
204800 |
Application Extension |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\OmniCom\winShado |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\OmniCom\winShadow\3.0 |
|
| HKEY_LOCAL_MACHINE |
\SOFTWARE\OmniCom\winShadow\Init |
|
| HKEY_LOCAL_MACHINE |
\SOFTWARE\OmniCom\winShadow\Init |
DebugLevel |
