MonitoringTool.Ardamax

By SpideyMan in Keyloggers

MonitoringTool.Ardamax Description

MonitoringTool.Ardamax is a commercial keylogging application that attackers can use as a malicious tool to obtain your usernames and passwords for online accounts. It usually runs undetected in the background while recording keystrokes, revealing computer activity to outside attackers.

Type: Keyloggers

MonitoringTool.Ardamax Technical Report

As new MonitoringTool.Ardamax details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following MonitoringTool.Ardamax files, with their MD5s, were created on the system:


MonitoringTool.Ardamax typically has the following processes in memory:

  • system32EFQX.exe
  • akl.exe
  • EVDP.exe
  • NBAW.exe
  • system32SADU.exe
  • ECMI.exe
  • HFBL.exe
  • TND.exe

MonitoringTool.Ardamax creates the following registry entries:

  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN system32EFQX Agent
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Ardamax Keylogger
  • RUNNING PROGRAMexplorer.exe
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN EVDP
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN NBAW Agent
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN system32SADU Agent
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN ECMI Agent
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN HFBL Agent
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN TND
  • HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN Explorer

This entry was posted on 09/15/09 and is filed under Keyloggers.

Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.