PCMonitor

Description:	Keylogger
Risk Level:	Low
Date of First Occurence:	Tuesday, May 27, 2008
Software Developer:	(unknown)
Brief Info:	Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
Removal:	This threat can be removed using "Spyware Terminator"

RIMUOVI SPYWARE »

Geographical Distribution of Threat "PCMonitor"

Threat Info

View All

Detected Items

Detected Files: %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\sbskey.dll MD5: 0F016C09ECA50252427461DD9D9B628B Size:90112 %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\monpc.exe MD5: 239C67A9334310CFF1C21774DF4AD634 Size:1748992 %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\pcm50.exe MD5: 640ED9293BFFAD3951450069DAFB348D Size:614400
Detected Files with variable Filenames:

Detecting items list:

Files by Name %SYSDIR%\ iepcmsbs.dll %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\monpc.exe %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\Pcm.bup %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\PCM.cnt %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\PCM.HLP %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\Pcm.ldb %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\Pcm.sbs %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\pcm50.exe %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\PCMHelp.doc %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\pcmt.txt %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\Rm.ldb %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\Rm.sec %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\SBSDEFAULT %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\sbskey.dll %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs\Software\SBSDEFAULT %START_PROGRAMSALL%\PCM\PCM Help Document.lnk %START_PROGRAMSALL%\PCM\PCM Help.lnk %START_PROGRAMSALL%\PCM\PCM.lnk %START_PROGRAMSALL%\PCM\Uninstall PCM.lnk
Files by Directories %ALLUSERS_APPDATA%\Microsoft\Msapps\sbs %START_PROGRAMSALL%\PCM
Files by CLSID or Name CLSID=D6862A22-1DD6-11D3-BB7C-444553540000
Registry Keys HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6862A22-1DD6-11D3-BB7C-444553540000} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PCMonitor.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2E0815CC-52F0-4C32-8C20-0C30A6516155} HKLM\SOFTWARE\PCM\PCMonitor
Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=PCStart

« Go to Software Database

Cerca nel nostro database dei software

Sfoglia il database dei software

Ultimissime notizie sui Malware

23. settembre 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notizie sui vecchi malware »