|
NETObserve removal
| Spyware NETObserve Information |
Name: NETObserve
Category: Commercial RAT
Date: 2003-01-01
Coded in: Delphi
Dangerous: Yes
|
NETObserve is Commercial RAT which is malware.
Key Logger. Runs silently, logs typed-in key sequences & more. Can be remotely managed through a web browser. Commercial Remote Administration Tool. Surveillance Capabilities: Internet Conversation Logging - Log both sides of all chat conversations for AOL/ICQ/MSN/AIM/Yahoo Instant Messengers, & view them in real time. Window Activity Logging - Capture data concerning all windows that were viewed & interacted with. Program Activity Logging - Track every program executable that was launched & interacted with. Clipboard Activity Logging - Capture & store all text & picture items that were copied to the clipboard while the user was using the PC. Printed Documents Logging - Log specific data on all documents that were sent to the print spooler. Keystroke Watching - Track all typed-in key sequences pressed & which windows they were pressed in. Typed-in key sequences can also be passed via a formatter for easy viewing/exporting. Websites Activity Logging - Log all website titles & addresses that were visited on the PC. Supported browsers include Internet Explorer, Netscape, & Opera. Screen Shot Capturing - Automatically capture screen shots of the desktop at define intervals. Webcam Image Capturing - Automatically capture images from the web cam connected to the PC. Remote Administration Capabilities: File Sharing - Browse directories/files in real time, as well as transfer files, rename files, & delete files. Startup Application Moderating - Remotely configure Windows startup programs by editing existing startup program information, or by deleting programs from starting up on the machine running NETObserve. Picture Cache Surfing - Browse the remote machines Internet Explorer picture cache. Statistics for each picture is included in the cache report - such as last view, total views, & more. Favorite Places - Browse, launch, edit, delete, & manage Internet Explorer bookmarks on the remote machine. Internet Connection/Port Viewing -View all open internet connections & open ports on the machine running NETObserve. An integrated Whois Lookup is also included for instantly retrieving data on any remote host. Perfect for spotting Trojans , or any possible open areas on your network that could lead to a dangerous situation. Process Management - Remotely view open windows & processes on the machine running NETObserve. You can freely terminate or near a window with a single click. System Control - Quickly shutdown/reboot/logoff the remote machine, as well as put the machine into Lockdown Mode. Lockdown Mode will bar the PC of any usage, & the only way to regain control of it is if you unlocks it. Window Management - Remotely deactivate & kill windows [in real time] that you do not wish to be running. Other Features: Stealth Mode. Web Content Filtering - Filter out websites & protocol from being used, & automatically track attempts made to view the banned material. Windows Startup - Configure NETObserve to startup for a single user, or to start up as a service for all users on the system. Automatic Active Startup - Configure NETObserve to start in "Active" mode when it is launched. Password Protection - NETObserve requires a password for starting/stopping the watching process & when connecting to the NETObserve Web Control Panel. IP Banning - Filter out IP Addresses/Host Names from connecting to the NETObserve Web Control Panel. Precise User Tracking - NETObserve will captures the current Windows user & the time & date an action if performed. Inactivity Watching - Automatically suspend NETObserve from watching if the system is inactive for a specified amount of time. Scheduling Agent - Automatically configure NETObserve to start/or stop at specified times & dates, or configure it to do it at the same time every day. Automatic Log Clearing - Automatically clean old captures when they reach a certain size. Installing it is highly not recommended.
NETObserve description by publisher:
Creator: Internet Conversation Logging - Log both sides of all chat conversations for AOL/ICQ/MSN/AIM/Yahoo Instant Messengers, & view them in real time. Window Activity Logging - Capture data concerning all windows that were viewed and interacted with. Program Activity Logging - Track every program executable that was launched & interacted with. Clipboard Activity Logging - Capture & store all text & picture items that were copied to the clipboard while the person was using the PC. Printed Documents Logging - Log specific data on all documents that were sent to the printer spool. Keystroke Watching - Track all typed-in key sequences pressed & which windows they were pressed in. Typed-in key sequences can also be passed via a formatter for easy viewing/exporting. Web-sites Activity Logging - Log all web-site titles & addresses that were visited on the PC. Supported browsers include Internet Explorer, Netscape, & Opera. Screen Shot Capturing - Automatically capture screen shots of the desktop at define intervals - perfect for visually seeing what is going on. Webcam Image Capturing - Automatically capture images from the web cam connected to the PC - perfect for seeing what is going on around the PC & not just what is going on inside the PC. Remote Administration Features File Sharing - Browse directories/any file in real time, as well as transfer any file, rename any file, & delete any file. Startup Moderating - Remotely configure Windows startup programs by editing existing startup program information, or by deleting programs from starting up on the machine running NETObserve. Picture Cache Surfing - Browse the remote machines Internet Explorer picture cache. Statistics for each picture is included in the cache report - such as last view, total views, & more. Favorite Places - Browse, launch, edit, delete, & manage Internet Explorer bookmarks on the remote machine. Internet Connection/Port Viewing -View all open internet connections & open ports on the machine running NETObserve. An integrated Whois Lookup is also included for instantly retrieving data on any remote host. Perfect for spotting Trojans [malicious viruses], or any possible open areas on your network that could lead to a dangerous situation. Process Management - Remotely view open windows & processes on the machine running NETObserve. You can freely terminate or near a window with a single click. System Control - Quickly shutdown/reboot/logoff the remote machine, as well as put the machine into Lockdown Mode. Lockdown Mode will bar the PC of any usage, & the only way to regain control of it´s if you [the administrator] unlocks it. Window Management - Remotely deactive & kill windows (in real time) that you don´t wish to be running. Taketh Mode - Run NETObserve in total taketh - the person will not know that it´s running!
>> Delete NETObserve automatically - Download Spyware Doctor
| NETObserve Removal Instructions |
|
Kill the following processes
broadcast.exe, netobserve.exe
|
|
Unregister the following DLLs and reboot
easys.dll.
|
|
Delete these registry entries
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\netobserve 2.9
|
|
Remove the following files
applog.dat, broadcast.exe, easys.dll, help.cnt, help.hlp, license.txt, purchase netobserve 2.9 now!.url, readme.txt, uninstal.log, visit the netobserve website.url, windowlog.dat.
netobserve.exe in Program Files\exploreanywhere\netobserve\
|
|
Remove the following directories
Program Files\exploreanywhere\netobserve
|
Bookmark NETObserve page
|