Tuesday, November 11, 2008

Ardamax.Keylogger Spyware

Removing Ardamax.Keylogger
Categories: Spyware
Spyware is computer software that is installed surreptitiously on a personal computer
to with the computer, without the user's informed consent.

Visible Symptoms:
Files in system folders:

How to detect Ardamax.Keylogger:

Files:

Folders:
[%PROGRAMS%]\ardamax keylogger
[%PROGRAM_FILES%]\ckm
[%PROGRAM_FILES%]\fkg

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ardamax keylogger

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\userassist\{75048700-ef1f-11d0-9888-006097deacf9}\count
HKEY_CURRENT_USER\software\microsoft\windows\shellnoroam\muicache\[%SYSTEM%]\sys
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Ardamax.Keylogger:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
