About “Win64/KeyLogger.HomeGuard.H” infection

Win64/KeyLogger.HomeGuard.H is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win64/KeyLogger.HomeGuard.H virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the shellcode get eip malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Win64/KeyLogger.HomeGuard.H?


File Info:

name: 2ECF931B7C4733402977.mlw
path: /opt/CAPEv2/storage/binaries/f0ff38462006cbaf5354d17a43354895c6466301ce723fc575325304d416cf8a
crc32: 2677219C
md5: 2ecf931b7c4733402977d37fd24af2d0
sha1: 9eb05b314acf8021981cf74fcd32ea6624170609
sha256: f0ff38462006cbaf5354d17a43354895c6466301ce723fc575325304d416cf8a
sha512: 60a2a179851cdbbf21f3589966b2ca0159e5838b271ec012332e3b2a45d0ae2e86bca9ff0eb71e147eba39909af37cddb3419411bb4fc059e3229d9bd3cae1df
ssdeep: 196608:4DqQOHhQAclMO4+hUMYQwPWpGplR80LhIBIIIIIIIIIIIIIIIIIIIIIIIIIIIIIK:42SMO4+hUMY/PWpGplR8ihIZd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T165E6F7B2DC42D95CEA1C7BB1CF1D4EFC4D9A5D6AEF9088AF92053C50A4B26C1887C64D
sha3_384: 3dab6e4bf8236efb1f45e27e1266760a5bc95a2ff19c49eff61a78cc0ad919ab44045b1e707f7795add8fce31c8b4cac
ep_bytes: e8ba840000e979feffff3b0d60e98100
timestamp: 2011-06-12 17:41:27

Version Info:

CompanyName: Veridium Software
FileDescription: HomeGuard Viewer
FileVersion: 1.4.0.0
InternalName: HomeGuardViewer.exe
LegalCopyright: (c) Veridium Software. All rights reserved.
OriginalFilename: HomeGuardViewer.exe
ProductName: HomeGuard Viewer
ProductVersion: 1.4.0.0
Translation: 0x0409 0x04e4

Win64/KeyLogger.HomeGuard.H also known as:

Bkav: W32.Common.EAD07464
Skyhigh: BehavesLike.Win32.Dropper.th
McAfee: Spyware-HomeGuard.a
Cylance: unsafe
Zillya: Trojan.KeyLogger.Win64.1397
Alibaba: RiskWare:Win64/HomeGuard.a175aa81
ESET-NOD32: a variant of Win64/KeyLogger.HomeGuard.H
Ikarus: PUA.KeyLogger.Homeguard
Antiy-AVL: Trojan[KeyLogger]/Win64.HomeGuard
Xcitium: Malware@#1nw0ctx0mgdrn
Malwarebytes: Generic.Malware/Suspicious
Rising: Trojan.Generic@AI.100 (RDML:Q7LnIdnt+hnqzQwVRzFRew)
Fortinet: Riskware/HomeGuard
DeepInstinct: MALICIOUS

How to remove Win64/KeyLogger.HomeGuard.H?

Win64/KeyLogger.HomeGuard.H removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
