What is Cheat Monitor
Cheat Monitor keylogger is a program that is able to follow every users’ steps. This program is helpful for those who want to know how other people use a computer when its owner is not present. Some users do not like the interface of the program, but it works fine. Cheat Monitor keylogger hides in the system in order not to be visible for users that are going to exploit the computer. If this program is used against you, then it is better to remove Cheat Monitor keylogger, otherwise it will compromise you.
Cheat Monitor keylogger is a program that is able to make screenshots and send them to the e-mail of the owner together with the report about the web pages that were visited and with the name of the program s that were run and also it can send the online conversation from any chat or social network.
This keylogger usually is not used by hackers; it is home program that can carry out the parental control as well. But still there are some cases when hackers use this program in order to gather some very important for them information, such as online banking accounts, email accounts and other sensitive information.
It is very hard to detect Cheat Monitor keylogger in the system, but still you can try to detect and remove Cheat Monitor keylogger, using the manual instructions:
- The first thing that you should do is to stop the malicious process:
- After that you should remove the following files of the keylogger:
- Then you should remove the following registry entries:
- Press Windows+R buttons
- Type regedit and press Enter
- Then you should navigate the registry entries, then highlight them and delete.
- After that you should scan your computer for infections in order to remove Cheat Monitor keylogger once and forever, you can use any antivirus you like. For example, you can use Spyware Doctor or Security Stronghold Antivirus.
– You should press CTRL-SHIFT-ESC buttons simultaneously in order to call the Task Manager.
– Select Processes tab
– Then find and end the process: dotnetchk.exe
%UserProfile%\\Local Settings\\Temp\\cmx1\\cheatmonitorR_SCREEN.DATETIME.[RANDOM DATE AND TIME].png
%UserProfile%\\Local Settings\\Application Data\\Protexis\\UserSettings.xml %UserProfile%\\Local Settings\\Temp\\CFGD.tmp
%UserProfile%\\Local Settings\\Temp\\cmx1\\cheatmonitorR_KEY.klog.html %UserProfile%\\Local Settings\\Temp\\VSDB.tmp\\DotNetFX\\dotnetchk.exe %UserProfile%\\Local Settings\\Temp\\VSDB.tmp\\install.log
%UserProfile%\\Start Menu\\Programs\\cheatmonitor.lnk
C:\\Documents and Settings\\All Users\\Application Data\\Protexis\\DL\\[RANDOM NAME].dlf C:\\Documents and Settings\\All Users\\Application Data\\Protexis\\State\\[RANDOM NAME].dls
%CommonProgramFiles%\\cmx1\\cheatmonitor.ico
%CommonProgramFiles%\\cmx1\\cmx1.dat %CommonProgramFiles%\\cmx1\\setup_dot_net_checker.msi
%Windir%\\Installer\\[RANDOM NAME].msi
You can just navigate the files and remove them, using two buttons simultaneously: SHIFT+DELETE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\???cheatmonitor??? = ???C:\progra~1\common~1\cmx1\start.exe???
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CBDCB339-21C1-4834-9572-51ECC329ABD7}
HKEY_LOCAL_MACHINE\SOFTWARE\cheatmonitor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\2FABB6478E3EAB84C98C6D8AB6155523
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\[RANDOM SID]\Components\858132C493B23D11E8D0000CF486730D
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\[RANDOM SID]\Products\933BCDBC1C124384592715CE3C92BA7D
HKEY_USERS\[RANDOM SID]\Software\Microsoft\Installer\Features\933BCDBC1C124384592715CE3C92BA7D
HKEY_USERS\[RANDOM SID]\Software\Microsoft\Installer\Products\933BCDBC1C124384592715CE3C92BA7D
HKEY_USERS\[RANDOM SID]\Software\Microsoft\Installer\UpgradeCodes\2FABB6478E3EAB84C98C6D8AB6155523
So, open Registry Editor:
About Author:
Material provided by: Alesya Orlova Google