Spector CNE
Administrator's Guide
By default, the Client is configured to operate in stealth mode. The user is unable to
detect the program on the computer. You can disable stealth mode in the
Deployment Utility, causing the recording Client to be visible in the
Windows system tray as a small red square. This Deployment setting is
available at the Security panel and
in the Build options.
When the Client Security Settings panel has Set Spector Client to Stealth Mode enabled, the user will have no indication the Client Recorder is running. Running the Client Recorder service in stealth mode does not slow down the operation of the monitored computer unless the Client is taking a screen snapshot every 5 seconds or less.
The Client Recorder does not appear in the Windows system tray, Windows task list, or Windows Startup folder
The Client Recorder cannot be removed nor does it appear in Add/Remove Programs.
Client Recorder does not install any icons or entries in the Start > Programs menu.
The Client Recorder Service runs "behind the scenes"; the program does not show in the Task Manager.
If you install the Client Viewer, the only way to access it is by using the Hotkey combination and entering the password.
If you clear the Stealth Mode option in the Security panel, the Client will run in visible mode:
An icon appears in the computer's System Tray indicating the Client Service is running.
The Client appears in the Task Manager and in Add/Remove programs.
You can still configure the Client to manually take Snapshots using a hotkey combination.
The Client will still send keyword alert email notification without interrupting the user (does not use the email application or leave traces of the email, and waits for Internet connection rather than actively connecting).
The Client Viewer is not installed unless you specifically request it. If you request the Client Viewer, in Visible Mode, just click on the red square icon in the System Tray and enter the password to open Viewer.
For stealth, be sure to UNCHECK the option Use Fixed Filenames on the Deployment Utility Build options panel. The monitoring software filenames will with each installation to prevent detection. If you check this item, the filenames will be the same on all Clients.
To provide a visible warning to users that they are being watched, enable the Logon Warning option from the Client Security: Advanced settings. This option displays a monitoring warning message each time someone either restarts Windows or a new user logs on to the computer. By default, the warning message not displayed. The warning message should inform the user that their computer activity is being monitored.
If the Administrator user name (profile) you are using to push out the installation does not exist on the Client, it will be created when the task is scheduled. A new profile will create certain folders on the client machine that may be visible to the current computer user. Use a shared administrator account already installed on the computer will avoid detection of this on the Client computer.
If a anti-spy or anti-virus software scans IP ports, it will detect the port opening to communicate with the Data Vault - TCP port 16769.
Client data files may occasionally be detected by anti-virus and anti-spyware programs. If possible, exclude Spector files from being scanned by these programs. Use the static file installation option, and then exclude those files from being scanned. If this isn't possible, check the SpectorSoft Knowledge Base for the most up-to-date solutions. SpectorSoft works diligently to maintain Client stealth as these programs evolve.
Stealth Mode