Solved! Use GKR.001 (KeyLogger Ardamax) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

GKR.001 – KeyLogger Ardamax removal

FileMD5Virus Alias
GKR.001 513c67ebf0379f75a6920540283a4579 KeyLogger Ardamax
GKR.001 513c67ebf0379f75a6920540283a4579 Trojan SuspiciousFile
GKR.001 513c67ebf0379f75a6920540283a4579 Trojan Downloader
GKR.001 513c67ebf0379f75a6920540283a4579 Trojan CI

GKR.001 size: 62976 bytes
GKR.001 hash: 513C67EBF0379F75A6920540283A4579

Created files:

%SysDir%\YHCOHD\AKV.exe
%SysDir%\YHCOHD\GKR.001
%SysDir%\YHCOHD\GKR.002
%SysDir%\YHCOHD\GKR.004
%SysDir%\YHCOHD\GKR.005
%SysDir%\YHCOHD\GKR.008
%SysDir%\YHCOHD\GKR.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\GKR Start: %WinDir%\System32\YHCOHD\GKR.exe

Detected by UnHackMe:

GKR.001
Default location: %SYSDIR%\YHCOHD\GKR.001

Dropper information:
MD5: 72f2d18dddac329ee0123c9b03ec9298
File size: 1797632 bytes

Leave a Reply