Guardian Monitor

Description:	Keylogger
Risk Level:	Low
Date of First Occurence:	Wednesday, July 16, 2008
Software Developer:	(unknown)
Brief Info:	Keyloggers invisibly monitor and record all of your computer activity. This information is then automatically emailed to an anonymous user.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "Guardian Monitor"

Threat Info

View All

Detected Items

Detected Files: %SYSDIR%\GDSys\ipworks5.dll MD5: 46B59D9BD81FDCF84CDE89F6DE725001 Size:399624 %SYSDIR%\GDSys\zlib-1.dll MD5: 8EAD44B60ED70B53CDC47B9D7A5714C7 Size:80954 %SYSDIR%\GDSys\LTKRN13N.dll MD5: A1124ABBD43ADA5EC57ADC92410BCA10 Size:453120 %SYSDIR%\GDSys\dten600.dll MD5: B2C36C79DCBC15F49D954D0A077F0555 Size:1892352 %SYSDIR%\GDSys\C4DLL.DLL MD5: CFCF86BA9FF97097CC91AD2952CA5C39 Size:438272 %SYSDIR%\GDSys\gdmgr.exe MD5: 5EE15623839A8B6A5F1F4A904721EB4A Size:673432 MD5: 81B3AC35E74B4CE8C38C5643D853CFFE Size:748544 %SYSDIR%\GDSys\GDH.dll MD5: BA103FDD8C21190A941C06A6CFCA0B4A Size:211280 MD5: DA8A395BAD299AF7F4E67E827381E2D3 Size:219748 MD5: DA8A395BAD299AF7F4E67E827381E2D3 Size:4294967295 %SYSDIR%\GDSys\BACKUP\instlsp.exe MD5: 191B728346EC50EB93581022AEB518F6 Size:77824 %SYSDIR%\GDSys\BACKUP\gdntfy.exe MD5: FDE934943E063B6A608EBE074C8EDB77 Size:118784 %SYSDIR%\GDSys\BACKUP\GDMgr.exe MD5: BE39EFDAA2623B2B089241308CA0794A Size:730436 %SYSDIR%\GDSys\BACKUP\gdkeeper.exe MD5: BB187C863AA1288F4C0F126C65CC1D3D Size:45056 %SYSDIR%\GDSys\BACKUP\GDH.dll MD5: A42421D1D60D58A0FDF00D0DB3A94562 Size:227940 %SYSDIR%\GDSys\BACKUP\gdext.dll MD5: A1D6FBAC4501FC1A89B7641AA5F3621B Size:57344 %SYSDIR%\GDSys\vbalFlBr6.dll MD5: 9FDB8A72D927888796A4E6A14560CC5F Size:40960 %SYSDIR%\GDSys\SSubTmr6.dll MD5: 1556C5B52A751C31B4CA6FE757704131 Size:40960 %SYSDIR%\GDSys\SpOrder.Dll MD5: B4EFC7E8EDC0D1E2E81D81FA092AC8C4 Size:8704 %SYSDIR%\GDSys\instlsp.exe MD5: B36E94FCA30A169E753A96E644EB5F25 Size:77824 %SYSDIR%\GDSys\gsp.dll MD5: EBDBC35AAA7FDF8286A1CEF8AE955D70 Size:114688 %SYSDIR%\GDSys\GDUpdate.exe MD5: 755520AB6FB00C49D59C2A3A98D99A8A Size:724992 %SYSDIR%\GDSys\gdntfy.exe MD5: 132970B403B4A3EF6CAD1692AF38DA19 Size:114688 %SYSDIR%\GDSys\gdkeeper.exe MD5: 447A67C7D73E72D240DB881FACD78C4A Size:45056 %SYSDIR%\GDSys\gdext.dll MD5: FE8E27FAC949A6384EEBC99AD7F28EF6 Size:57344 %SYSDIR%\GDSys\eztoolslib.dll MD5: 7590B64A5CDF0832DA52E47AC201440E Size:536576 %SYSDIR%\GDSys\ExCalendar.dll MD5: E7D40CD7E00E1864D5622B95BC33AA08 Size:294912 %SYSDIR%\GDSys\dXTList.dll MD5: 225AC91940123ABF94A50320F1A517FD Size:424448 %SYSDIR%\GDSys\dbghelp.dll MD5: 3B5F0BF4125688A531FA21C823EA6193 Size:813568 %SYSDIR%\GDSys\vbalTab6.ocx MD5: BD3E6B6E714A0AF9CFB92788E92B884E Size:61440 MD5: BD3E6B6E714A0AF9CFB92788E92B884E Size:4294967295 %SYSDIR%\GDSys\UNWISE.EXE MD5: 973567B98CDFC147DF4E60471D9DF072 Size:153088 MD5: 973567B98CDFC147DF4E60471D9DF072 Size:4294967295 %SYSDIR%\GDSys\smtp50.ocx MD5: 829E7DD53874F7C649B750422E2BE4B8 Size:141576 MD5: 829E7DD53874F7C649B750422E2BE4B8 Size:4294967295 %SYSDIR%\GDSys\SmartUI2.ocx MD5: ACE50C780D55E6BA472C9AE13E3F42A7 Size:874248 MD5: ACE50C780D55E6BA472C9AE13E3F42A7 Size:4294967295 %SYSDIR%\GDSys\mx50.ocx MD5: B64DDB575C9FA8DDEC5111CC853D1A5D Size:112904 MD5: B64DDB575C9FA8DDEC5111CC853D1A5D Size:4294967295 %SYSDIR%\GDSys\msmask32.ocx MD5: F0AC7872C32CD3AEB4FC9EAC782C6F37 Size:166600 MD5: F0AC7872C32CD3AEB4FC9EAC782C6F37 Size:4294967295 %SYSDIR%\GDSys\GDAdmin.exe MD5: 44EDA81E52A69DB4744B688B5770143C Size:1073152 MD5: 44EDA81E52A69DB4744B688B5770143C Size:4294967295 %SYSDIR%\GDSys\ezAVI26.ocx MD5: 1638D9C724095DC2895C6B4E87D5D913 Size:81920 MD5: 1638D9C724095DC2895C6B4E87D5D913 Size:4294967295 %SYSDIR%\GDSys\GDMgr.exe MD5: A38609CA6A94DA6A3D5F3F3AA8F06A20 Size:693740 MD5: A38609CA6A94DA6A3D5F3F3AA8F06A20 Size:4294967295
Detected Files with variable Filenames: MD5: D56DF2F8517F44A82F2C8D43222F07B5 Size: 122880 %SYSDIR%\GDSys\BACKUP\gsp.dll %SYSDIR%\GDSys\BACKUP\gsp.001

Detecting items list:

Files by Name %SYSDIR%\GDSys\ezAVI26.ocx %SYSDIR%\GDSys\GDAdmin.exe %SYSDIR%\GDSys\GDConfig.dat %SYSDIR%\GDSys\GDH.dll %SYSDIR%\GDSys\GDMgr.exe %SYSDIR%\GDSys\guardian.css %SYSDIR%\GDSys\INSTALL.LOG %SYSDIR%\GDSys\logo.jpeg %SYSDIR%\GDSys\msmask32.ocx %SYSDIR%\GDSys\mx50.ocx %SYSDIR%\GDSys\rrinstall.exe %SYSDIR%\GDSys\SmartUI2.ocx %SYSDIR%\GDSys\smtp50.ocx %SYSDIR%\GDSys\UNWISE.EXE %SYSDIR%\GDSys\vbalTab6.ocx %DESKTOP%\GuardianMonitor.lnk
Files by Directories %SYSDIR%\GDSys
Registry Keys HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Guardian Software
Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=GDMgr

« Go to Software Database

Pesquisar em nosso banco de dados de software

Navegar pelo Banco de dados

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias anteriores sobre malware »