I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
SYSTEM32CRHG.006 – KeyLogger Ardamax removal
| File | MD5 | Virus Alias |
|---|---|---|
| SYSTEM32CRHG.006 | 32dd7b4bc8b6f290b0ece3cc1c011c96 | KeyLogger Ardamax |
| SYSTEM32CRHG.006 | 32dd7b4bc8b6f290b0ece3cc1c011c96 | Trojan Agent |
SYSTEM32CRHG.006 size: 7680 bytes
SYSTEM32CRHG.006 hash: 32DD7B4BC8B6F290B0ECE3CC1C011C96
Created files:
%WinDir%\Cursors\appstar2.ani
%WinDir%\Cursors\appstar3.ani
%WinDir%\Cursors\appstart.ani
%WinDir%\Cursors\banana.ani
%WinDir%\Cursors\barber.ani
%WinDir%\Cursors\coin.ani
%WinDir%\Cursors\counter.ani
%WinDir%\Cursors\dinosau2.ani
%WinDir%\Cursors\dinosaur.ani
%WinDir%\Cursors\drum.ani
%WinDir%\Cursors\fillitup.ani
%WinDir%\Cursors\hand.ani
%WinDir%\Cursors\handapst.ani
%WinDir%\Cursors\handnesw.ani
%WinDir%\Cursors\handno.ani
%WinDir%\Cursors\handns.ani
%WinDir%\Cursors\handnwse.ani
%WinDir%\Cursors\handwait.ani
%WinDir%\Cursors\handwe.ani
%WinDir%\Cursors\horse.ani
%WinDir%\Cursors\hourgla2.ani
%WinDir%\Cursors\hourgla3.ani
%WinDir%\Cursors\hourglas.ani
%WinDir%\Cursors\metronom.ani
%WinDir%\Cursors\piano.ani
%WinDir%\Cursors\rainbow.ani
%WinDir%\Cursors\raindrop.ani
%WinDir%\Cursors\sizenesw.ani
%WinDir%\Cursors\sizens.ani
%WinDir%\Cursors\sizenwse.ani
%WinDir%\Cursors\sizewe.ani
%WinDir%\Cursors\stopwtch.ani
%WinDir%\Cursors\vanisher.ani
%WinDir%\Cursors\wagtail.ani
%WinDir%\ehome\custsat.dll
%WinDir%\explorer.exe
%WinDir%\explorer.scf
%WinDir%\Fonts\8514fix.fon
%WinDir%\Fonts\8514fixe.fon
%WinDir%\Fonts\8514fixg.fon
%WinDir%\Fonts\8514fixr.fon
%SysDir%AKV.exe
%SysDir%CRHG.001
%SysDir%CRHG.006
%SysDir%CRHG.007
%SysDir%CRHG.exe
Detected by UnHackMe:
SYSTEM32CRHG.006
Default location: %SYSDIR%CRHG.006
Dropper information:
MD5: 25bcd00e1df16b2d148713ddcdcdf70f
File size: 513795 bytes