PCMonitor

PCMonitor is a keylogger with high risk that monitors and captures data from computers including screenshots, keystrokes, web cam and microphone data, instant messaging chat sessions, email, visited websites. It even can steal the password.0

General information:

Malware Name: PCMonitor
Malware Type: Key Logger
Company Name: Strategic Business Solutions Inc
Company URL: http://pcmonitor.com/
Threat Level: High Risk
Operating System: WIN XP
Installation Type: Installed through EXE
Operation: Time of After Installation

Company Description:

Strategic Business Solutions Inc provides you the software PCMonitor that allows you to control the use of your computer and monitor the activities of other users. It monitors internet usage and have the visited sites categorized for you. It has four flexible techniques to limit the use of a computer. It also monitors what software is used and how long it was used. It finds out when someone turns on and off the computer. It also finds out what software is installed and be alerted when software is installed or removed.

Spyware Description:

PCMonitor is a keylogger with high risk that monitors and captures data from computers including screenshots, keystrokes, web cam and microphone data, instant messaging chat sessions, email, visited websites. It even can steal the password.0

Characteristics/Symptoms:

    -> It can even steal the password. -> It is usually hidden from the user. -> It captures and logs keystrokes on the computer without the user's knowledge and consent. -> The logged data may be encrypted and is typically sent to a remote attacker.0

Additional information might be found here:

google Search at Google for PCMonitor
bing Search at Bing for PCMonitor
yahoo Search at Yahoo for PCMonitor

Processes Running:

pcm50.exe

File information Created after Installation:

File Location Size (Bytes) Type
C:\Documents and Settings\All Users\Application Data\Microsoft\Msapps\sbs\PCM.HLP 11756930 Help File
C:\Documents and Settings\All Users\Application Data\Microsoft\Msapps\sbs\monpc.exe 1748992 Application
C:\Documents and Settings\All Users\Start Menu\Programs\PCM\Uninstall PCM.lnk 841 Shortcut

Folder information Created after Installation:

Folder Location
C:\Documents and Settings\All Users\Application Data\Microsoft\Msapps
C:\Documents and Settings\All Users\Application Data\Microsoft\Msapps\sbs

Registry information Created after Installation:

Main Registry Key Sub Registry Key Key Value Name
HKEY_CLASSES_ROOT \CLSID\{D6862A22-1DD6-11D3-BB7C-444553540000} [NULL]0
HKEY_CLASSES_ROOT \CLSID\{D6862A22-1DD6-11D3-BB7C-444553540000}\Implemented Categories [NULL]0
HKEY_CLASSES_ROOT \CLSID\{D6862A22-1DD6-11D3-BB7C-444553540000}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502} [NULL]0