A program that monitors and records all actions on a computer, including keystrokes entered.
Based on the settings of your F-Secure security product, it may block the file from running, move it to the quarantine where it cannot spread or cause harm, or ask you to select an action.
A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:
Check for the latest database updates
First check if your F-Secure security program is using the latest updates, then try scanning the file again.
Submit a sample
After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.
Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.
Exclude a file from further scanning
If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.
Note: You need administrative rights to change the settings.
Monitoring-Tool:W32/PCDM.A is a riskware application designed to perform monitoring activities in a computer. The program must be manually installed on the computer system.
According to the application's product page, the program has the following features/functionalities:
Log Report and Emailing
Here is a screenshot of its user interface:
The default installation is to the following location:
At this location are saved the program's main binary files and components:
Collected Log files for each users are stored in the following folder:
Note:%Program Files% is the environment variable for the Program Files Directory, which is typically the C:\Program Files folder.
%Documents and Settings% is the environment variable for the Documents and Settings Directory, which is typically the C:\Documents and Settings folder.
Though the program claims to be running in stealth mode, it does not implement any high level techniques to hide its process and folders, the former being easily identified using freely available tools, as seen in this screenshot of three different tools used to view the processes (click for larger view):
Folders can be made visible by making certain changes to the Windows Folder Options settings, as can be seen in the image below (click for larger view):
The following are the registry entries created by the program:
Where "=" is the installation directory of the program and "hd" is its parameter indicating that the program be run as hidden.
Ask questions in our Community .
Check the user guide for instructions.
Submit a Sample
Submit a file or URL for analysis.