Solved! Use GKR.002 (KeyLogger Ardamax) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

GKR.002 – KeyLogger Ardamax removal

File MD5 Virus Alias
GKR.002 1db8aa9ffda07a5f5559cbf25087147b KeyLogger Ardamax
GKR.002 1db8aa9ffda07a5f5559cbf25087147b Trojan SuspiciousFile
GKR.002 1db8aa9ffda07a5f5559cbf25087147b Trojan CI
GKR.002 1db8aa9ffda07a5f5559cbf25087147b Trojan Siggen
GKR.002 1db8aa9ffda07a5f5559cbf25087147b Trojan Agent

GKR.002 size: 45056 bytes
GKR.002 hash: 1DB8AA9FFDA07A5F5559CBF25087147B

Created files:

%SysDir%\YHCOHD\AKV.exe
%SysDir%\YHCOHD\GKR.001
%SysDir%\YHCOHD\GKR.002
%SysDir%\YHCOHD\GKR.004
%SysDir%\YHCOHD\GKR.005
%SysDir%\YHCOHD\GKR.008
%SysDir%\YHCOHD\GKR.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\GKR Start: %WinDir%\System32\YHCOHD\GKR.exe

Detected by UnHackMe:

GKR.002
Default location: %SYSDIR%\YHCOHD\GKR.002

Dropper information:
MD5: 72f2d18dddac329ee0123c9b03ec9298
File size: 1797632 bytes

Leave a Reply