The file PDR.EXE is identified as the Trojan Program that is used for stealing bank information and users passwords.
To delete PDR.EXE we suggest you should use UnHackMe:
http://www.unhackme.com
Malware Analysis of PDR.EXE
Full path on a computer: %Common Appdata%\ILISRP\PDR.exe
Detected by UnHackMe:
PDR.EXE
Default location: %Common Appdata%\ILISRP\PDR.exe
Removal Results: Success
Number of reboot: 1
PDR.EXE is known as:
Trojan.Monder, Trojan ( 00403a7a1 ), Trojan.Monder.blojxm, TSPY_ARDAMAX.BMC, not-a-virus:RiskTool.Inject.di, RiskTool.Inject.iv1.uMYrxmk, Trojan.KeyLogger.16217, Troj.Monder.nz.(kcloud), MonitoringTool.Ardamax, Trojan.Agent.Gen-Graftor, a variant of Win32.KeyLogger.Ardamax.NBP, Malware_fam.NB, Ardamax.BWR, Hacktool.Keylogger.34
PDR.EXE hash:
- MD5: c8b249cca65b74585eab63bb17375efd
How to quickly detect PDR.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\PDR Start: “%Common Appdata%\ILISRP\PDR.exe”
Folders:- %Common Appdata%\GZP
- %Common Appdata%\ILISRP
Files:- %Common Appdata%\GZP\PDR.004
- %Common Appdata%\ILISRP\PDR.00
- %Common Appdata%\ILISRP\PDR.01
- %Common Appdata%\ILISRP\PDR.02
- %Common Appdata%\ILISRP\PDR.exe
- %Temp%\Card va Nick.txt