Search&Destroy showed 35 registry entries of GuardianMonitor but I did not have any of the files or folders that GuardianMonitor is supposed to create if it is installed. Wondering if anyone else has seen this.
Search&Destroy showed 35 registry entries of GuardianMonitor but I did not have any of the files or folders that GuardianMonitor is supposed to create if it is installed. Wondering if anyone else has seen this.
The detections for "GuardianMonitor" were listed as updates among the updates for 2007-04-25. See:
I suggest that you post the actual "35 registry entries of GuardianMonitor" that you are getting so that someone can take a look at them. To do that:
- Run another scan.
- When the scan completes, right click on the results list, select "Copy results to clipboard".
- Then paste (Ctrl+V) those results to a new post in this thread.
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{36A0E3F8-5BD1-4ED6-B6D1-4519A2FC6D23}
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{697DF023-B24E-11D3-B57C-00105AA461D0}
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{697DF025-B24E-11D3-B57C-00105AA461D0}
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{697DF027-B24E-11D3-B57C-00105AA461D0}
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{697DF029-B24E-11D3-B57C-00105AA461D0}
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{697DF02B-B24E-11D3-B57C-00105AA461D0}
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{697DF02D-B24E-11D3-B57C-00105AA461D0}
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{798CBE35-B27D-11D3-B57C-00105AA461D0}
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{A967E5D2-B0E1-11D3-B57C-00105AA461D0}
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{A967E5D6-B0E1-11D3-B57C-00105AA461D0}
GuardianMonitor: Type library (Registry key, nothing done)
HKEY_CLASSES_ROOT\TypeLib\{A967E5C4-B0E1-11D3-B57C-00105AA461D0}
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.FileConverter
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.FileConverter.1
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{697DF027-B24E-11D3-B57C-00105AA461D0}
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.IndexJob
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.IndexJob.1
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{697DF023-B24E-11D3-B57C-00105AA461D0}
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\dten600.JobErrorInfo
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\dten600.JobErrorInfo.1
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A967E5D6-B0E1-11D3-B57C-00105AA461D0}
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.Options
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.Options.1
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{697DF02B-B24E-11D3-B57C-00105AA461D0}
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.SearchJob
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.SearchJob.1
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{697DF025-B24E-11D3-B57C-00105AA461D0}
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.SearchReportJob
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.SearchReportJob.1
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{697DF029-B24E-11D3-B57C-00105AA461D0}
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.SearchResults
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.SearchResults.1
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{798CBE35-B27D-11D3-B57C-00105AA461D0}
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.WordListBuilder
GuardianMonitor: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Dten600.WordListBuilder.1
GuardianMonitor: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{697DF02D-B24E-11D3-B57C-00105AA461D0}
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-04-09 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-04-18 advcheck.dll (1.5.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-04-25 Includes\Cookies.sbi (*)
2006-12-08 Includes\Dialer.sbi (*)
2007-04-25 Includes\DialerC.sbi (*)
2007-04-04 Includes\Hijackers.sbi (*)
2007-04-25 Includes\HijackersC.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-04-25 Includes\KeyloggersC.sbi (*)
2007-03-21 Includes\Malware.sbi (*)
2007-04-25 Includes\MalwareC.sbi (*)
2007-03-21 Includes\PUPS.sbi (*)
2007-04-25 Includes\PUPSC.sbi (*)
2007-04-25 Includes\Revision.sbi (*)
2006-12-08 Includes\Security.sbi (*)
2007-04-25 Includes\SecurityC.sbi (*)
2007-03-21 Includes\Spybots.sbi (*)
2007-04-25 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-04-25 Includes\Trojans.sbi (*)
2007-04-25 Includes\TrojansC.sbi (*)
I have the same problem. I attached my zip file with logs and exported registry.
Thanks in advance.
This Symantec article appears to indicate that those entries are connected with a product they call Spyware.GuardMon:
- Spyware.GuardMon
http://www.symantec.com/security_res...337-99&tabid=1
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
Last edited by md usa spybot fan; 2007-04-26 at 07:08.
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
beancowboys:
See Yodama's comments here:
- GuardianMonitor FP?
http://forums.spybot.info/showthread.php?t=13239
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
I had read the spyware.guardmon on symantec but the latest defs did not pick up these 35 reg keys nor did I have any of the files or folders symantec says it adds so I can not follow the removal process.