e-Surveiller 1.0
|
· Overview ·
|
Overview |
|
Vendor Notes: |
From the doc: 'Ever wanted to monitor your home PC from work? Want to monitor PC's across your corporate or home network? Do you want the ability to watch the screens of remote computers in real time? e-Surveiller is your solution! e-Surveiller provides the power to remotely monitor other computers. e-Surveiller allows you to view keystrokes, programs ran, file changes, live viewing of the remote screen' |
Alias: |
Backdoor.VB.iq, Hacktool/BmpToJpg [Panda] |
Category: |
Key Logger: (Keystroke Logger). A program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack. For example, a key logger will reveal the contents of all e-mail composed by the user. Keylog programs are commonly included in rootkits and RATs (remote administration trojans). Backdoor: A secret or undocumented means of getting into a computer system, or software that uses such a means to penetrate a system. Some software has a backdoor placed by the programmer to allow them to gain access to troubleshoot or change the program. Software that is classified as a "backdoor" is designed to exploit a vulnerability in a system, and open it to future access by an attacker. FTP Server: When installed without user awareness, an FTP server allows an attacker to download any file in the user's machine, to upload new files to that machine, and to replace any existing file with an uploaded file. Misc Tool: Any tool that might be used in planning an attack on a system, developing tools for such an attack, or performing it. Surveillance: Any software designed to use a webcam, microphone, screen capture, or other approaches to monitor and capture information. Some such software will transmit this captured information to a remote source. See also Key Logger. |
Similar Pests: |
Key Logger · Backdoor · FTP Server · Misc Tool · Surveillance |
Origins |
|
Group: |
E-Surveiller Team |
Programming Language: |
Visual Basic |
Date of Origin: |
August, 2002 |
Distribution |
|
Prevalence: |
|
Clot Factor: |
The "Clot Factor" is a measure of how much a pest "gums up" a machine by adding registry entries, files, and directories. As more objects are placed in a machine, manual removal becomes more difficult and more error-prone. |
Growth: |
|
Operation |
|
Default Port: |
113, 438 TCP More info about ports. |
Storage Required: |
|
Restart: |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "e-Surveiller Station" Autostarting Pests |
ScreenShot: |
|
e-Surveiller 1.0
e-Surveiller 1.0
Risks |
|
Detection Issues: |
Difficult to detect by design. May hide from process list. May install with variable names in variable locations. |
Detection and Removal |
|
Automatic Removal: |
|
Manual Removal: |
Follow these steps to remove E-Surveiller from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake. |
| Stop Running Processes: Kill these running processes with Task Manager: | |
| Remove AutoRun Reference: Go To the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run. If you find the value HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce\e-surveiller station, delete it and reboot the machine immediately. | |
| Unregister DLLs: Unregister these DLLs with Regsvr32, then reboot: | |
| Clean Registry: Remove these registry items (if present) with RegEdit: | |
| Remove Files: Remove these files (if present) with Windows Explorer: | |
| Remove Directories: Remove these directories (if present) with Windows Explorer: | |
Research |
|
File Analyses: |
|
More Info: |
|
Research By: |
|
Last Revised: |
April 02, 2005 |
PestPatrol detects this.