| NETObserve removal| Spyware NETObserve Information |
|---|
Name: NETObserve
Category: Commercial RAT
Date: 2003-01-01
Coded in: Delphi
Dangerous: Yes |
NETObserve is Commercial RAT which is malware.
Key Logger. Runs silently, logs typed-in key sequences & more. Can be remotely managed through a web browser. Commercial Remote Administration Tool. Surveillance Capabilities: Internet Conversation Logging - Log both sides of all chat conversations for AOL/ICQ/MSN/AIM/Yahoo Instant Messengers, & view them in real time. Window Activity Logging - Capture data concerning all windows that were viewed & interacted with. Program Activity Logging - Track every program executable that was launched & interacted with. Clipboard Activity Logging - Capture & store all text & picture items that were copied to the clipboard while the user was using the PC. Printed Documents Logging - Log specific data on all documents that were sent to the print spooler. Keystroke Watching <before | after> - Track all typed-in key sequences pressed & which windows they were pressed in. Typed-in key sequences can also be passed via a formatter for easy viewing/exporting. Websites Activity Logging - Log all website titles & addresses that were visited on the PC. Supported browsers include Internet Explorer, Netscape, & Opera. Screen Shot Capturing - Automatically capture screen shots of the desktop at define intervals. Webcam Image Capturing - Automatically capture images from the web cam connected to the PC. Remote Administration Capabilities: File Sharing - Browse directories/files in real time, as well as transfer files, rename files, & delete files. Startup Application Moderating - Remotely configure Windows startup programs by editing existing startup program information, or by deleting programs from starting up on the machine running NETObserve. Picture Cache Surfing - Browse the remote machines Internet Explorer picture cache. Statistics for each picture is included in the cache report - such as last view, total views, & more. Favorite Places - Browse, launch, edit, delete, & manage Internet Explorer bookmarks on the remote machine. Internet Connection/Port Viewing -View all open internet connections & open ports on the machine running NETObserve. An integrated Whois Lookup is also included for instantly retrieving data on any remote host. Perfect for spotting Trojans <malicious viruses>, or any possible open areas on your network that could lead to a dangerous situation. Process Management - Remotely view open windows & processes on the machine running NETObserve. You can freely terminate or near a window with a single click. System Control - Quickly shutdown/reboot/logoff the remote machine, as well as put the machine into Lockdown Mode. Lockdown Mode will bar the PC of any usage, & the only way to regain control of it is if you <the administrator> unlocks it. Window Management - Remotely deactivate & kill windows [in real time] that you do not wish to be running. Other Features: Stealth Mode. Web Content Filtering - Filter out websites & protocol from being used, & automatically track attempts made to view the banned material. Windows Startup - Configure NETObserve to startup for a single user, or to start up as a service for all users on the system. Automatic Active Startup - Configure NETObserve to start in "Active" mode when it is launched. Password Protection - NETObserve requires a password for starting/stopping the watching process & when connecting to the NETObserve Web Control Panel. IP Banning - Filter out IP Addresses/Host Names from connecting to the NETObserve Web Control Panel. Precise User Tracking - NETObserve will captures the current Windows user & the time & date an action if performed. Inactivity Watching - Automatically suspend NETObserve from watching if the system is inactive for a specified amount of time. Scheduling Agent - Automatically configure NETObserve to start/or stop at specified times & dates, or configure it to do it at the same time every day. Automatic Log Clearing - Automatically clean old captures when they reach a certain size. Installing it is highly not recommended.
NETObserve description by publisher: Creator:
Internet Conversation Logging - Log both sides of all chat conversations for
AOL/ICQ/MSN/AIM/Yahoo Instant Messengers, & view them in real time.
Window Activity Logging - Capture data concerning all windows that were viewed
and interacted with.
Program Activity Logging - Track every program executable that was launched & interacted with.
Clipboard Activity Logging - Capture & store all text & picture items that were
copied to the clipboard while the person was using the PC.
Printed Documents Logging - Log specific data on all documents that were sent to the printer spool.
Keystroke Watching - Track all typed-in key sequences pressed & which windows they were pressed in.
Typed-in key sequences can also be passed via a formatter for easy viewing/exporting.
Web-sites Activity Logging - Log all web-site titles & addresses that were visited on the PC.
Supported browsers include Internet Explorer, Netscape, & Opera.
Screen Shot Capturing - Automatically capture screen shots of the desktop at define intervals
- perfect for visually seeing what is going on.
Webcam Image Capturing - Automatically capture images from the web cam connected to the PC
- perfect for seeing what is going on around the PC & not just what is going on inside the PC.
Remote Administration Features
File Sharing - Browse directories/any file in real time, as well as transfer any file,
rename any file, & delete any file.
Startup Moderating - Remotely configure Windows startup programs by editing existing
startup program information, or by deleting programs from starting up on the machine running NETObserve.
Picture Cache Surfing - Browse the remote machines Internet Explorer picture cache.
Statistics for each picture is included in the cache report - such as last view, total views, & more.
Favorite Places - Browse, launch, edit, delete, & manage Internet Explorer bookmarks
on the remote machine.
Internet Connection/Port Viewing -View all open internet connections & open ports
on the machine running NETObserve. An integrated Whois Lookup is also included for instantly
retrieving data on any remote host. Perfect for spotting Trojans [malicious viruses],
or any possible open areas on your network that could lead to a dangerous situation.
Process Management - Remotely view open windows & processes on the machine running NETObserve.
You can freely terminate or near a window with a single click.
System Control - Quickly shutdown/reboot/logoff the remote machine, as well as put the
machine into Lockdown Mode. Lockdown Mode will bar the PC of any usage, & the only
way to regain control of it´s if you [the administrator] unlocks it.
Window Management - Remotely deactive & kill windows (in real time) that you don´t wish to be running.
Taketh Mode - Run NETObserve in total taketh - the person will not know that it´s running!
>> Delete NETObserve automatically - Download Spyware Doctor
| NETObserve Removal Instructions |
|---|
Kill the following processes broadcast.exe, netobserve.exe | Unregister the following DLLs and reboot easys.dll.
| Delete these registry entries HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\netobserve 2.9
| Remove the following files applog.dat, broadcast.exe, easys.dll, help.cnt, help.hlp, license.txt, purchase netobserve 2.9 now!.url, readme.txt, uninstal.log, visit the netobserve website.url, windowlog.dat.
netobserve.exe in Program Files\exploreanywhere\netobserve\
| Remove the following directories Program Files\exploreanywhere\netobserve
|
Bookmark NETObserve page
|