« Raptor
Email-Worm.Zhelatin.agg, Trojan.Refpron, Trojan-PSW.OnLineGames, more – SpyHunter Update v.9.15 »

Ardamax Keylogger

No Comments
GoldSparrow By GoldSparrow in Keyloggers | 38 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

Ardamax Keylogger Description

Ardamax Keylogger is a commercial keylogger that tracks the user’s online activity and records every keystroke typed. Ardamax Keylogger has the uncanny ability of being able to conceal itself while running. Logs are sent to a configurable email address or uploaded to a predefined FTP server. Ardamax Keylogger must be manually installed. Ardamax Keylogger runs on every Windows startup. Ardamax may put the user’s most sensitive financial and private personal data at risk.

Type: Keyloggers

Automatic Detection of Ardamax Keylogger

 
 

Download SpyHunter’s Detection Scanner
to Detect Ardamax Keylogger.

 
 

Ardamax Keylogger Technical Report

As new Ardamax Keylogger details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following Ardamax Keylogger files with its MD5s were created in the system:

File Name File Size MD5
NQND.exe 933888 6768ba61744862704760b66ce8f8fdd4
svchost.exe 525312 0c7a714b8e1d2ead2afc90dcc43bbe18
LOFJ.006 8192 e44628a2b8e2044ebb635eed3d5f79d9
MFGN.exe 484864 3c90d45b1c004e86a7f7a7a340f1abc8
POL.exe 665088 2bff0c75a04401dada0adfab933e46a7
NWGM.007 5632 ca72cd485d116033f1b776903ce7ee0a
LOFJ.007 5632 75d6279af7fa9545ba7b7b01a85d2e12
VXJQ.exe 483840 346114aaad81ab66017869909fe59a6d
XPSF.exe 484864 97d8ad45f48b4b28a93aab94699b7168
HTV.006 8192 8499922ab422c17e550a724083be50c7
HTV.007 5632 b128c2f3eafaff6725ed554a2a21b72f

Ardamax Keylogger has typically the following processes in memory:

  • nsk.exe
  • %SYSTEMROOT%\system32\28463\NQND.exe
  • akv.exe
  • kh.dll
  • akl.exe
  • il.dll

Ardamax Keylogger creates the following registry entries:

  • HKEY_CURRENT_USERSoftwareArdamaxKeyloggerLite
  • HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunNSK
  • HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallArdamaxKeylogger
  • HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunArdamaxKeylogger
  • HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsAppPathsakl.exe

Important Article Disclaimer

article disclaimer
ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 08/27/08 and is filed under Keyloggers. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs


Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2009. Enigma Software Group USA, LLC. All Rights Reserved.