PC Acme
General information:
Malware Name: | PC Acme
Malware Type: | Key Logger
Company Name: | Raytown Corporation LLC
Company URL: | http://softsecurity.com/
Threat Level: |
Operating System: |
Installation Type: |
Operation: |
Company Description:
Raytown Corporation LLC is an independent company that develops monitoring and anti-monitoring software. Its specialists have more than 10 years of experience in information protection. Today its products and custom solutions may be found in more than 80 countries all over the world, including a large number of Fortune 500 companies, law enforcement, government organizations, and military agencies. Its information security technologies are used all over the globe. Its software is a perfect example of the ability to combine software development skills with a deep understanding of state-of-the-art solutions in information security.
Spyware Description:
PC Activity Monitor (PC ACME) products are designed to monitor a user's PC activity. PC Acme runs on the Windows 2000/XP operating systems. All data collected by the monitoring agent is saved to an encrypted log file located on the user's machine. The monitoring agent works in the background, transparently to the user, at the level of an OS kernel driver. Severe risk threats are typically installed without user interaction through security exploits, and may allow an attacker to remotely control the infected machine. Such threats may allow the attacker to install additional malware and use the compromised machine to participate in denial of service attacks, spamming, and botnets, or to transmit sensitive data to a remote server.
Characteristics/Symptoms:
-> Monitors and captures data from computers
-> Runs in stealth mode
-> Intercepts keystrokes from the keyboard and records them in a log
-> Starts with the operating system
Processes Running:
view.exe
File information Created after Installation:
File Location | Size (Bytes) | Type
C:\Documents and Settings\User\Start Menu\Programs\PC Acme\Control Center.lnk | 630 | Shortcut
C:\Documents and Settings\User\Start Menu\Programs\PC Acme\Help.lnk | 611 | Shortcut
C:\Program Files\PC Acme\control.exe | 233583 | Application
Folder information Created after Installation:
Folder Location
C:\Program Files\PC Acme
Registry information Created after Installation:
Main Registry Key | Sub Registry Key | Key Value Name
HKEY_LOCAL_MACHINE | \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Acme uninstall | DisplayName
HKEY_LOCAL_MACHINE | \SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PC Acme uninstall | SlowInfoCache
HKEY_LOCAL_MACHINE | \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Acme uninstall | UninstallString