| Serious monitering problem. Any solutions? Recently I terminated an unruly employee. A few days later I noticed some webpages not working. I looked through the history of IE and found he had installed a program called ultraview plus. This program is undetectable to the shareware and full versions of spyware and virus removers I have tried so far. I need this off my business computers ASAP. HAs anyone had any experience with this software? Is there anything I can do short of reformatting and losing everything i have? |
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:7 Reviews:
 ·Verizon FiOS
 ·Verizon Online DSL
| 1) Ultraview Plus is a keylogger. It's not obvious that a keylogger has anything to do with 'web pages not working'.
2) Given that this guy has installed keyloggers, I wouldn't at this point assume that's all he's done. Maybe reformatting is the only safe option.
3) Why "lose everything"? Don't you have backups? What is the "everything" you would lose? How many computers are we talking about? |
|
 HA NutPremium
join:2004-05-13
USA | reply to spyguy5
I have no experience with UVP but after reading the FAQ page »www.awarenesstech.com/general/faq.html I'd be pretty concerned. It does indeed block web pages, forward emails and more. Scary stuff!
I agree with Dave. I'd backup my data and heavily consider reformating. Even if the ex-employee didn't place anything else on your computers, if half of what this company claims is true, you need to do as much as you can to be rid of it.
(I must admit I'd love to look over a PC running this stuff. Hard to believe it's as invisible as they say it is...) |
|
|
|
1 edit | reply to dave
said by dave:1) Ultraview Plus is a keylogger. It's not obvious that a keylogger has anything to do with 'web pages not working'. Per the FAQ of the UltraView Plus FAQ, it does block websites if so set up:
Q. Does UVP block or just monitor websites?
A. It does both. Using Guardian Angel technology, UltraView Plus scans every individual webpage for your chosen alert words. When it encounters an alert word it can block that page completely or simply take a screenshot for later review. If you desire, you can also block based on URL's. If you choose to monitor websites, with just a click, you will be able to visit the exact website your target visited and see exactly what they saw including searches performed.
Also, per the website, UltraView Plus does so much, I'm not even sure one could call it a "keylogger" and still adequately convey the real scope of the software's abilities. It is really heinous.
------
Edit:
Sorry, HA Nut, I was typing (very slowly) while you were posting. I didn't mean to duplicate your info. |
|
| I read somewhere that spycop removes it, but ive never had experience with the program. I dont have any of the original disks and stuff that came with the computer, so i dont know where to start with formatting. |
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:7 Reviews:
·Verizon FiOS
·Verizon Online DSL
| reply to BandHeight
said by BandHeight:said by dave:1) Ultraview Plus is a keylogger. It's not obvious that a keylogger has anything to do with 'web pages not working'. Per the FAQ of the UltraView Plus FAQ, it does block websites if so set up My mistake, sorry - I missed that detail. |
|
| reply to spyguy5
If your company has full disk images for the basic setup for all its computers such as ghosting hard drives with all the software needed for employees to do their work then nuke and image. It is best to also look at any other computers that he/she might of had access to. Also installing a key logger in a work environment is not so legal I believe and if it later turns out that former employ is using the information for other purposes charges can be levied if needed.
Bottom line, nuke if you have full fresh back ups or an imaging service and make sure that other computers used by this employee.
--
You know that the heating is messed up when one room is 40 and the other is 106. |
|
 EGeezerSummertimePremium
join:2002-08-04
Midwest
kudos:7
 ·Callcentric
| If OP is planning to pursue charges, the systems need to be secured and a forensic copy of the systems is in order. the local police need to be involved ASAP and damages documented. If you alter files, clean, wipe drives or remove programs, evidence is altered and prosecution becomes more difficult and costly.
I'd guess that since the employer doesn't have copies of his system's OS or licensed programs, and no system backups that the IT piece of this is pretty loose. the systems need to be either scratched and installed - or it may be cheaper to just buy new systems.
In any event, audit and resecure the perimeter of the network before bringing new/rebuilt systems online. If the culprit has opened holes in the firewall/router, the systems will be open to exploit - or at least probing from the outside.
--
Insert catchy sig line here |
|
| There is only one computer. ITs a small self run business, I just want to clean this crap off. |
|
 SteveI know your IP addressConsultant
join:2001-03-10
Yorba Linda, CA
kudos:5 | said by spyguy5:There is only one computer. ITs a small self run business, I just want to clean this crap off. Welcome to the world of "Flatten and Reload"  |
|
davePremium,MVM
join:2000-05-04
not in ohio
kudos:7 | reply to spyguy5
Actually, if I was going to go the flatten-and-reload route, I might consider replacing the disk at this point.
Keep the old one for backup, forensic evidence, peace of mind, etc. |
|
EGeezerSummertimePremium
join:2002-08-04
Midwest
kudos:7 Reviews:
·Callcentric
| reply to Steve
Actually, it would be:
Flatten
Reload
Hunt down drivers
Note that display, network, printer, scanner and other stuff doesn't work because the drivers are wrong or missing.
Hunt down similar software media and license keys.
Install, troubleshoot problems with new version software and down-level data files from old software's backup.
Go to store and buy new PC and software and pay a local geek to migrate data and get it all working.
Beat on local geek because email and/or address couldn't be recovered or is hosed up, favorites don't work right and desktop is all different. 
--
Insert catchy sig line here |
|
| reply to spyguy5
Hi i hope you get it sorted soon !
Out of interest i did the following -
Went to www.awarenesstech.com/general/ and tried to DL the free trial  but all i get is a long wait while it DL's nothing.
When i go to try and order here www.awarenesstech.com/order.aspx i get this - 
?
Spanner
--
I Only Know What I Know, But I'm Learning all The Time - Stay Safe - Spanner intheWorks/SpannerITWks |
|
KiwiPremium
join:2003-05-26
USA/MidWest
kudos:1 Reviews:
 ·Comcast
| reply to spyguy5
Lighten your security a wee bit, it will work. On the other hand this company is highly suspect, read the FAQ. Sounds a lot like someone who knows little, tried something off the back of this company and probably won't know what to do with the FIVE day download anyway!
This is not a company I would be interested in, on a side note. This looks like the OP has only the one computer & EGeezer  has the right answer, right along with a new cheap drive dave -It's cheap enough and it's worth the effort, to do both.
Cheers |
|
| AS much as i apreciate the advice im getting. I would like to try a removal route first. Thats why i asked if anyone had any experience dealing with this software. |
|
| Found that opera goes around the blocking portion of the software. I tried using the demo version of spycop and it didnt detect it and it wasnt in the sgnature library, |
|
Reviews:
·WestNet Broadband
| reply to spyguy5
You asked the question, and going by some of the reputable people that replied, you got an answer, no one here will suggest attempt to clean it. You have allowed your computer to be compromised, from the inside.
Just think of it this way, IF the employee has half a brain, and installed it on purpose, you need to ask yourself this
"Do i do banking online, do i have passwords,do i do online business transaction"
If yes to any of the above, do as everyone has suggested.
Do yourself a favour, start from scratch, and learn by it, even if you have to pay someone to do it, and also ask them to set up a limited user acct separate from yours, for your staff
Clean if you want, but if you really think about it, can you sleep easier for it ? I doubt it.
He might as well have a camera in your bedroom, it's no small issue. |
|
 jbobReach Out and Touch SomeonePremium
join:2004-04-26
Little Rock, AR | reply to spyguy5
Older threads here:
»How can we defeat this legal spy program?
And here:
»www.wilderssecurity.com/archive/···007.html |
|
| Ummm, I went into Spycop and entered \\\\\\\"Ultraview\\\\\\\" in the query and it came up. Also the trial only scans 75% of your files so I\\\\\\\'m not surprised it found nothing. |
|
| reply to spyguy5
Found UVP on a computer I manage.
Seem to have removed it with latest version of Webroot Spy Sweeper.
Sorry I reacted so quickly and didn't take a little time to check it out further before removing (I hope). |
|
