PSGuard

Description:	Adware
Risk Level:	High
Date of First Occurence:	Friday, May 09, 2008
Software Developer:	(unknown)
Brief Info:	PSGuard is a fraudulent anti-spyware program which uses desktop advertising to scare users into paying for the product.
Removal:	This threat can be removed using "Spyware Terminator"

RIMUOVI SPYWARE »

Geographical Distribution of Threat "PSGuard"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\psguard\WndSystem.dll MD5: DE37D592D3E7F9A53FC987D958566899 Size:237568 %PROGRAMFILES%\psguard\msvcr71.dll MD5: 86F1895AE8C5E8B17D99ECE768A70732 Size:348160 %PROGRAMFILES%\psguard\msvcp71.dll MD5: 561FA2ABB31DFA8FAB762145F81667C2 Size:499712 %PROGRAMFILES%\psguard\Localization.dll MD5: BA8296F725A34782CACDFA934A4CFE41 Size:970752 MD5: 9AFF3EF409D97714E46DE604F8B9B46A Size:1056768 %PROGRAMFILES%\psguard\Core.dll MD5: 2D9C31C9E01FB7C4369F08A919E494B0 Size:405504 %PROGRAMFILES%\PSGuard\Uninstall.exe MD5: 00C6E4A64DEB8C7E63EC965D5A9C673A Size:70394 %PROGRAMFILES%\PSGuard\PSGuard.exe MD5: D72DB61A2E89966BFE5AAB5A4EC03EA1 Size:569344 %SystemDiskRoot%\System Volume Information\_restore{2C1F9D94-94DB-4AEA-B0AF-4F15A5C0247C}\RP406\A0028003.exe MD5: A36E719F884A1D1F0BF3ECE901305888 Size:2495633 %PROGRAMFILES%\psguard\WndLayer.dll MD5: 1D656EAADDBAE9EFB9E611D5B0675C04 Size:217088 %PROGRAMFILES%\psguard\Uninstall.exe MD5: A719FCCC75B6F63B317A69305E9C6268 Size:70413 MD5: 9BB6E8312ACF2481F27DDCD8C39E6E2E Size:50909 %PROGRAMFILES%\psguard\AVECore.dll MD5: 328A8FBC5ACAA3F61F6CF6333A4F4B14 Size:323584 %PROGRAMFILES%\psguard\PSGuard.exe MD5: 8319803A19F9B9A5A1516B9F2D2ED3CA Size:507904 MD5: C15996EE94A8509A1B025460FDA2A705 Size:598016 %PROGRAMFILES%\psguard\PSGuardSkin.dll MD5: D30B878AB053FAD0CE7ACB24E8A3E697 Size:5300224 %PROGRAMFILES%\psguard\MSIMG32FOR9X.DLL MD5: 23454F525DA0ED5411BF7ED39B5059C2 Size:53248 %PROGRAMFILES%\psguard\MFC71ENU.DLL MD5: BAF751E7061FF626AA60F56D1D5D1FDC Size:57344 %PROGRAMFILES%\psguard\MFC71.dll MD5: F35A584E947A5B401FEB0FE01DB4A0D7 Size:1060864
Detected Files with variable Filenames:

Detecting items list:

Files by Name %ProgramFiles%\P.S.Guard\PSGuard.exe %ProgramFiles%\psguard\PSGuard.exe %programfiles%\psguard\uninstall.exe %programfiles%\psguard\wndsystem.dll %programfiles%\psguard\core.dll %programfiles%\psguard\localization.dll %programfiles%\P.S.Guard\uninstall.exe %programfiles%\P.S.Guard\wndsystem.dll %programfiles%\P.S.Guard\core.dll %programfiles%\P.S.Guard\localization.dll %programfiles%\psguard\psguard.exe.local %desktop%\psguard spyware remover.lnk %APPDATA%\Microsoft\Internet Explorer\Quick Launch\PSGuard spyware remover.lnk %APPDATA%\Microsoft\Internet Explorer\Quick Launch\P.S.Guard spyware remover.lnk %systemdiskroot%\Documents and Settings\All Users\Desktop\PSGuard spyware remover.lnk %systemdiskroot%\Documents and Settings\All Users\Desktop\P.S.Guard spyware remover.lnk %START_PROGRAMSALL%\PSGuard spyware remover\Register PSGuard spyware remover.lnk %START_PROGRAMSALL%\PSGuard spyware remover\Start PSGuard spyware remover.lnk %START_PROGRAMSALL%\PSGuard spyware remover\Uninstall.lnk %START_PROGRAMSALL%\P.S.Guard spyware remover\Register P.S.Guard spyware remover.lnk %START_PROGRAMSALL%\P.S.Guard spyware remover\Start P.S.Guard spyware remover.lnk %START_PROGRAMSALL%\P.S.Guard spyware remover\Uninstall.lnk
Files by MD5 MD5: C15996EE94A8509A1B025460FDA2A705 Size: 598016
Files by Directories %ProgramFiles%\psguard %programfiles%\P.S.Guard %APPDATA%\PSGuard.com %APPDATA%\Shudder Global Limited %START_PROGRAMSALL%\PSGuard spyware remover %START_PROGRAMSALL%\P.S.Guard spyware remover
Files by CLSID or Name CLSID=e5d78bd8-3874-4aa0-9d45-cfb79382c484 CLSID=f4b3e25a-33b4-4647-9a78-b627dde211a6 CLSID=08101c3e-6c90-439e-9734-6e4dd1b53b69 CLSID=09b90087-4ffa-4a44-be69-da117a710f07 CLSID=1449f89c-ad28-427a-97ff-1d5bd812ea43 CLSID=1c08d3d0-1e04-4dde-ab0a-75355ea2585e CLSID=206538f7-f98c-4a46-a7d4-4a37fcdc932b CLSID=20f8b70d-9f16-4dcb-8788-90a0498e46b9 CLSID=28fedb90-53c7-4928-994a-cee782606507 CLSID=2c462d06-3ba0-48bb-9282-bb6519fe86e9 CLSID=3a350193-c7f7-4e10-b347-02ff4c3cc4e9 CLSID=4723879b-8f52-4be7-9994-626afa539366 CLSID=7b6a3434-8625-4abf-b79d-09d98c2498c4 CLSID=8b6c0168-baac-4c7c-911e-0132590f5661 CLSID=8ec33b7d-9953-4edb-ace2-d4c105968601 CLSID=a00e2305-7001-4200-ba00-5779f9a3e7d3 CLSID=a20f5672-7486-4d27-bd2b-e555e4692c5f CLSID=a917b2f3-a9bf-477c-a0e3-0382d0376159 CLSID=b26b5883-f15f-4283-b3d5-a1728077de47 CLSID=b803d266-a08d-4a4c-9604-6d35689abe09 CLSID=c6e2a22c-b3a8-43a4-b5ec-a5bb671ab3f7 CLSID=cb9385ab-8541-4b2f-a363-48f64c612993 CLSID=cf1674cc-ec9a-4aee-996e-65a8f7c0b0e4 CLSID=d5d6e9b5-30d5-4457-ac8b-399205f50411 CLSID=d6a7d177-0b2f-4283-b2e8-b6310a45e606 CLSID=e0d6c30a-b9a3-4181-8099-3b0d5a2b98af CLSID=f100a342-3ac5-47ff-b5b3-fcdb6fc9f016 CLSID=f4364eec-31f5-4b8b-a7e0-3b6394c9d23f CLSID=982392f9-9c65-48b4-b667-3459c46630d1 CLSID=f61d1ce1-5199-4b57-b59e-c6819ea92f3b
Registry Keys HKLM\software\shudderltd\psguard HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PSGuard spyware remover HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\P.S.Guard spyware remover HKLM\SOFTWARE\ShudderLTD HKLM\SOFTWARE\PSGuard.com
Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=PSGuard HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=P.S.Guard

« Go to Software Database

Cerca nel nostro database dei software

Sfoglia il database dei software

Ultimissime notizie sui Malware

23. settembre 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notizie sui vecchi malware »