Activity Monitor





Overview

Summary:

Very intrusive and can monitor files within programs. None of your work is shielded -- especially since this program monitors across a network. Commercial product.

Vendor Notes:

From the doc: 'Activity Monitor version 3.01'
'This is an application for real time monitoring of users' activities on network computers and for employees' work time tracking. Administrators can view typed keystrokes in real time, take snapshots of the remote screen at will, view all running programs and monitor when a user switches between them, copy any files from a remote PC, view visited web sites, terminate processes, control computers remotely. Users' activities can be stored in a log file on the remote workstation, which can be downloaded later manually or by schedule. Log files can be combined and exported to many useful formats to get reports on how much time users spend with particular applications, which programs they run with screenshots and keystrokes, what websites they visit, etc.'
'PROGRAM FEATURES:
- Real time keystrokes monitoring
- Viewing the desktop from the remote workstations in real time
- Monitor Internet surfing on the remote computers in real time
- Install Agent (software client part) remotely in silent mode
- View running applications list and terminate any of them
- Record activity log on the remote PC
- Autodetect computers with installed agents on a LAN and manage computers list
- Analyze logs with MS Excel to get report, e.g. how much user played games or was surfing the Web at worktime and much more
- Configurable logs export to HTML with embedded screenshots
- Configurable logs export to delimited text files
- Download any files, including logs and screenshots from remote PC
- Schedule automatic periodical log file downloads and export
- Shut down or reboot computers remotely, Log Off user
- Send instant messages to monitored computers
- Monitor all LAN users simultaneously from one PC
- Agent running on remote PC is difficult to find since it does not show up in the task list (on Win9X)
- Run commands/programs on remote computers, open web sites/documents for the remote users to view
- Shut down or uninstall Agent software remotely
- Easy to install and use
- Agent runs on Windows 95/98/Me/NT/2000/XP. Activity Monitor part runs on 98/Me/NT/2000/XP

INSTALLATION NOTES:
First extract files from zip-archive amonitor.zip:
amagent30.exe
- Activity Monitor Agent. Install it on the remote computers. Runs on Windows 9x/NT/2000/XP. Can be installed remotely from Activity Monitor if both computers are Windows NT/2000/XP. Click File->Install Agent in AM.
To install in silent mode run with the following command line parameters:
/VERYSILENT - do not show user interface. Just install with all default options
/OldPsw=xxx - old Agent password. Required for reinstalling Agent
/NewPsw=xxx - set this Agent password. Required for monitoring this Agent, uninstalling or reinstalling
/DIR="x:\dirname" - directory to install Agent. By default it is installed to Program Files\AMSys
/NORESTART - instructs setup not to reboot computer even if it's necessary
Deep Software

Category:

Key Logger: (Keystroke Logger). A program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack. For example, a key logger will reveal the contents of all e-mail composed by the user. Keylog programs are commonly included in rootkits and RATs (remote administration trojans).

Variants:

  • Activity Monitor 3.5
    Similar Pests:

    Key Logger

    Origins

    Author:

    Deep Software

    Group:

    Deep Software

    By This Group:

    Active Monitor 3.01

    EMail:

    Technical support - support@softactivity.com
    Sales related information - sales@softactivity.com
    Product information - info@softactivity.com

    URL:

    http://www.dataman.ro
    http://www.softactivity.com

    Date of Origin:

    Variants from September, 2001 to March, 2004

    Distribution

    Prevalence:

  • Activity Monitor: < 0.00005%
  • Activity Monitor 3.5: < 0.00005%

    Clot Factor:

  • Activity Monitor: 1
    The "Clot Factor" is a measure of how much a pest "gums up" a machine by adding registry entries, files, and directories. As more objects are placed in a machine, manual removal becomes more difficult and more error-prone.

    Operation

    Default Port:

    15164 TCP

    Storage Required:

  • Activity Monitor: at least 101 KB
  • Activity Monitor 3.5: at least 8277 KB
    ScreenShot:


    Activity Monitor 3.01


    Risks

    Detection Issues:

    Difficult to detect by design. May hide from process list. May install with variable names in variable locations.

    Detection and Removal

    Automatic Removal:

    PestPatrol detects this.

    PestPatrol removes this.



    Manual Removal:

    Follow these steps to remove Activity Monitor from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.
    Stop Running Processes:

    Kill these running processes with Task Manager:

    Remove AutoRun Reference:

    Go to the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run.
    If you find the value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\swclient, delete it and reboot the machine immediately.



    Unregister DLLs:

    Unregister these DLLs with Regsvr32, then reboot:

    Clean Registry:

    Remove these registry items (if present) with RegEdit:

    Remove Files:

    Remove these files (if present) with Windows Explorer:
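
    The concrete indicators this page gives (the Run value swclient, the default port 15164 TCP and the default install directory Program Files\AMSys) can be checked read-only before any manual removal. The script below is an added example, not code from PestPatrol or the vendor; the function name, the extra Wow6432Node key and the "Program Files (x86)" root are assumptions made for 64-bit systems.

```powershell
# Added example: read-only triage; nothing is deleted or modified.
# Indicators from this page: Run value "swclient", TCP port 15164,
# default install directory "Program Files\AMSys".
# Assumption: the Wow6432Node key and "Program Files (x86)" are also checked
# because a 32-bit agent on 64-bit Windows would land there.
function Test-ActivityMonitorIndicators {
    [CmdletBinding()]
    param(
        [string]$RunValueName = 'swclient',
        [int]$Port = 15164,
        [string]$DirName = 'AMSys'
    )
    $findings = @()

    # 1. AutoRun reference under HKLM ...\CurrentVersion\Run
    $runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run'
    foreach ($key in $runKeys) {
        $run = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        if ($run -and $run.PSObject.Properties[$RunValueName]) {
            $findings += [pscustomobject]@{ Indicator = 'Run value'
                Detail = "$key\$RunValueName = $($run.$RunValueName)" }
        }
    }

    # 2. Listener on the default port (Get-NetTCPConnection needs Windows 8 / Server 2012 or later)
    $listeners = Get-NetTCPConnection -State Listen -LocalPort $Port -ErrorAction SilentlyContinue
    foreach ($l in $listeners) {
        $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
        $findings += [pscustomobject]@{ Indicator = 'TCP listener'
            Detail = "port $Port, PID $($l.OwningProcess), image $($proc.Path)" }
    }

    # 3. Default install directory under each Program Files root
    $roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ } | Select-Object -Unique
    foreach ($root in $roots) {
        $dir = Join-Path $root $DirName
        if (Test-Path -LiteralPath $dir) {
            $findings += [pscustomobject]@{ Indicator = 'Install directory'; Detail = $dir }
        }
    }
    $findings
}

Test-ActivityMonitorIndicators | Format-Table -AutoSize -Wrap
```

    An empty result does not rule the agent out: as noted under Detection Issues, it may install with variable names in variable locations.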

    Research

    File Analyses:

    Research By:

    PestPatrol's Pest Research Center

    Last Revised:

    April 25, 2005