ActMon Computer Monitoring
|
Description:
|
Keylogger
|
|
Risk Level:
|
Low
|
|
Date of First Occurence:
|
Wednesday, June 18, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SCAN & REMOVE NOW »
Geographical Distribution of Threat "ActMon Computer Monitoring"
Threat Info
View All
Detected Items
- Detected Files:
%SYSDIR%\drivers\wskrnlc.sys
MD5: A95BA40272AE3B5B647CA02DBA76AB86 Size:5632
%SYSDIR%\wskrnle.dll
MD5: 80AA78F2C5BC75A3612760602C6F6D55 Size:99840
%SYSDIR%\wskrnld.dll
MD5: F14EF301E0C082185C06EC2647DD31C3 Size:36352
%SYSDIR%\wskrnlc.vxd
MD5: C09B03CF42EBC13FD99CBC375A4742A9 Size:13480
%SYSDIR%\acmcc.exe
MD5: B9F33372188F8C8CEE5E9A45E91E69AF Size:1257472
%SYSDIR%\wskrnl.exe
MD5: F117142C29CF21EFDEC3C2DEE5A774BC Size:962560
%SYSDIR%\wskrnlb.exe
MD5: 03234450B2A3946B961E3261341EB08C Size:24576
%SYSDIR%\wskrnlb.dll
MD5: C7E0318367A961D4DF88B49D8EF1A69A Size:41472
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%SYSDIR%\acmcc.exe
%SYSDIR%\acm-manual.chm
%SYSDIR%\rbwinx1.dll
%SYSDIR%\wskrnl.exe
%SYSDIR%\wskrnlb.dll
%SYSDIR%\wskrnlb.exe
%SYSDIR%\wskrnlc.vxd
%SYSDIR%\wskrnld.dll
%SYSDIR%\wskrnle.dll
%SYSDIR%\drivers\wskrnlc.sys
- Registry Keys
HKLM\SOFTWARE\wskrnl
HKLM\SYSTEM\ControlSet002\Services\wskrnlc
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run ValueName=wskrnl
«
Go to Software Database