ActMon Computer Monitoring

Popis: Keylogger
Úroveň rizika: Nízké
Datum 1. výskytu: Wednesday, June 18, 2008
Poskytovatel Softwaru: (neznámá)
Stručné informace: Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
Odstranění: Tento škodlivý software může být odstraněn pomocí "Spyware Terminatora"

Geogr. rozdělení softwaru "ActMon Computer Monitoring"

Info o škodlivém softwaru

Zobrazit vše

Detected Items

  1. Detected Files: %SYSDIR%\acmcc.exe MD5: B9F33372188F8C8CEE5E9A45E91E69AF Size:1257472 %SYSDIR%\drivers\wskrnlc.sys MD5: A95BA40272AE3B5B647CA02DBA76AB86 Size:5632 %SYSDIR%\wskrnle.dll MD5: 80AA78F2C5BC75A3612760602C6F6D55 Size:99840 %SYSDIR%\wskrnl.exe MD5: F117142C29CF21EFDEC3C2DEE5A774BC Size:962560 %SYSDIR%\wskrnlb.dll MD5: C7E0318367A961D4DF88B49D8EF1A69A Size:41472 %SYSDIR%\wskrnld.dll MD5: F14EF301E0C082185C06EC2647DD31C3 Size:36352 %SYSDIR%\wskrnlc.vxd MD5: C09B03CF42EBC13FD99CBC375A4742A9 Size:13480 %SYSDIR%\wskrnlb.exe MD5: 03234450B2A3946B961E3261341EB08C Size:24576
  2. Detected Files with variable Filenames:

Detecting items list:

  1. Files by Name %SYSDIR%\acmcc.exe %SYSDIR%\acm-manual.chm %SYSDIR%\rbwinx1.dll %SYSDIR%\wskrnl.exe %SYSDIR%\wskrnlb.dll %SYSDIR%\wskrnlb.exe %SYSDIR%\wskrnlc.vxd %SYSDIR%\wskrnld.dll %SYSDIR%\wskrnle.dll %SYSDIR%\drivers\wskrnlc.sys
  2. Registry Keys HKLM\SOFTWARE\wskrnl HKLM\SYSTEM\ControlSet002\Services\wskrnlc
  3. Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run ValueName=wskrnl

« Jít do Databáze softwaru