PC Remote
PC Remote is a remote control that is a network application that allows administrators to manage and control PCs or networks from a remote location. The application can be used to gather information from a remote PC on the Network. It captures all
the mouse and keyboard events on the remote PC.
General information:
| Malware Name: |
PC Remote |
| Malware Type: |
Remote Control |
| Company Name: |
American Systems |
| Company URL: |
http://americansys.com/
|
| Threat Level: |
Elevated Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
American Systems provides you the software PC Remote that is an intuitive, multi-faceted program that lets you access another computer from a remote location. Designed to be flexible and inexpensive, PC Remote lets you access another computer across
a network, on the Internet, on the computer serial ports, or through a modem connection. Now you have multiple ways to access the data you need. PC Remote is the low cost solution for accessing remote computers.
Spyware Description:
PC Remote is a remote control that is a network application that allows administrators to manage and control PCs or networks from a remote location. The application can be used to gather information from a remote PC on the Network. It captures all
the mouse and keyboard events on the remote PC.
Characteristics/Symptoms:
-> The application can be used to gather information from a remote PC on the Network. -> It captures all the mouse and keyboard events on the remote PC. -> The remote computer screen can be viewed using PC Remote.
Additional information might be found here:
Processes Running:
rceval.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\American Systems\PC Remote\ltkrn10N.dll |
297472 |
Application Extension |
| C:\WINDOWS\amuninst.exe |
212992 |
Application |
| C:\WINDOWS\unrc.ini |
665 |
Configuration Settings |
Folder information Created after Installation:
| Folder Location |
| C:\Documents and Settings\[USER]\Start Menu\Programs\PC Remot |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_CURRENT_USER |
\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\PC Remote |
|
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCRemote |
Changed |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCRemote |
|
