Winsniffer

Winsniffer is one of the kinds of keylogger. Winsniffer is a keylogger which intercept and log passwords in your LAN. It works as a sniffer, by intercepting all the traffic in local segment. It works on Ethernet, PPP and other LAN. It includes elevated risk threats that are typically installed without adequate notice and consent, and may make unwanted changes to system, such as reconfiguring browser’s homepage and search settings. These threats may install advertising-related add-ons, including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain.0

General information:

Malware Name: Winsniffer
Malware Type: Key Logger
Company Name: Winsniffer
Company URL: http://www.winsniffer.com/
Threat Level:
Operating System:
Installation Type:
Operation:

Company Description:

The group of enthusiast, who were keen on network technology, founded Win Sniffer, Inc on August 2000. Now Win Sniffer is one of the leaders of network monitoring utilities. It develops a wide range of program products related to security of Internet. But as always Win Sniffer is dedicated to provide best service and best products to customers. Win Sniffer allows network administrators to capture passwords of any network user. Win Sniffer monitors incoming and outgoing network traffic and decodes FTP, POP3, HTTP, ICQ, SMTP, Telnet, IMAP, and NNTP usernames and passwords.

Spyware Description:

Winsniffer is one of the kinds of keylogger. Winsniffer is a keylogger which intercept and log passwords in your LAN. It works as a sniffer, by intercepting all the traffic in local segment. It works on Ethernet, PPP and other LAN. It includes elevated risk threats that are typically installed without adequate notice and consent, and may make unwanted changes to system, such as reconfiguring browser’s homepage and search settings. These threats may install advertising-related add-ons, including toolbars and search bars, or insert advertising-related components into the Winsock Layered Service Provider chain.0

Characteristics/Symptoms:

    -> Monitor and capture data from computers -> Run in stealth mode -> Intercepts keystrokes from the keyboard and records them in a log -> Starts with the operating system0

Additional information might be found here:

google Search at Google for Winsniffer
bing Search at Bing for Winsniffer
yahoo Search at Yahoo for Winsniffer

Processes Running:

WSMDI.exe

File information Created after Installation:

File Location Size (Bytes) Type
C:\Program Files\WinSniffer\Ctl3dv2.dll 26832 Application Extension
C:\Program Files\WinSniffer\INSTALL.LOG 2721 Text Document
C:\Program Files\WinSniffer\Inetwh16.dll 9136 Application Extension

Folder information Created after Installation:

Folder Location
C:\Program Files\WinSniffer

Registry information Created after Installation:

Main Registry Key Sub Registry Key Key Value Name
HKEY_LOCAL_MACHINE SOFTWAREMicrosoftWindowsCurrentVersionUninstallWin Sniffer 1.2 DisplayName
HKEY_LOCAL_MACHINE \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Win Sniffer 1.2 UninstallString