PlanetRemote

PlanetRemote is a Commercial Remote Control Tool that can be used to harm a user from a remote location. This is not not harmful unless installed and used without the knowledge of the computer user or network administrator.0

General information:

Malware Name: PlanetRemote
Malware Type: Remote Control
Company Name: PlanetDNS
Company URL: http://www.planetremote.com/
Threat Level: Low Risk
Operating System: WIN XP
Installation Type: Installed through EXE
Operation: Time of After Installation

Company Description:

PlanetDNS provides us the software PlanetRemote that enables you to take control of your computer remotely and interact with its desktop as if you were sitting right in front of it. It controls multiple computers from within a LAN or from the Internet. You can take control of your computer from any other computer connected to your local network using either a web browser or the PlanetRemote viewer application included with this product.

Spyware Description:

PlanetRemote is a Commercial Remote Control Tool that can be used to harm a user from a remote location. This is not not harmful unless installed and used without the knowledge of the computer user or network administrator.0

Characteristics/Symptoms:

    -> It can remotely control the user's PC. -> It is not harmful unless installed and used without the knowledge of the computer user or network administrator. -> It configured to start automatically with the operating system. -> It has the settings to alert local desktop user, by disabling the setting it can be used without the notice of the user.0

Additional information might be found here:

google Search at Google for PlanetRemote
bing Search at Bing for PlanetRemote
yahoo Search at Yahoo for PlanetRemote

Processes Running:

pdshell.exe

File information Created after Installation:

File Location Size (Bytes) Type
C:\Documents and Settings\All Users\Start Menu\Programs\PlanetDNS\PlanetRemote\Contact PlanetDNS Support.url 121 Internet Shortcut
C:\Documents and Settings\All Users\Start Menu\Programs\PlanetDNS\PlanetRemote\Read Me.lnk 644 Shortcut
C:\Program Files\NewAce Corporation\PlanetRemote\ext\mshupdate.dll 86016 Application Extension

Folder information Created after Installation:

Folder Location
C:\Program Files\NewAce Corporation\PlanetRemote
C:\Program Files\NewAce Corporation\PlanetRemote\e

Registry information Created after Installation:

Main Registry Key Sub Registry Key Key Value Name
HKEY_LOCAL_MACHINE SOFTWAREMicrosoftWindowsCurrentVersionUninstall{A3E24F85-0EAE-4376-AE14-A0CBBDF80A7D} URLInfoAbout
HKEY_LOCAL_MACHINE SOFTWAREMicrosoftWindowsCurrentVersionUninstall{A3E24F85-0EAE-4376-AE14-A0CBBDF80A7D} UninstallString
HKEY_LOCAL_MACHINE SOFTWAREMicrosoftWindowsCurrentVersionUninstall{A3E24F85-0EAE-4376-AE14-A0CBBDF80A7D} Version