Computer noob got his pc infected with ardamax keylogger.


mantraisms
May 14th, 2007, 04:07 AM
Can anyone tell me how to remove a certain Ardamax keylogger from my computer? My online game account passwords have been changed, my Friendster list is deleted and my other email accounts. Been a week before NOD32 found that Ardamax keylogger inside my computer, but I'm still not sure if it's fully removed. I'm a computer noob. Need an expert's assistance. :'(

ErikAlbert
May 14th, 2007, 05:17 AM
Are you talking about this software or real malware?
http://www.ardamax.com/keylogger/

mantraisms
May 14th, 2007, 06:04 AM
ErikAlbert, thanks for your reply. I think that's the website from which my attacker downloaded the file. I tried using NOD32 but it can't detect any keylogger. I downloaded AntiVir and installed it without uninstalling NOD32. Now after scanning, NOD32 popped up a message that AntiVir has a win32/keylogger.Ardamax.Keylogger. I don't understand now what's happening to my computer. I tried to quarantine it but I'm still not sure if it's totally removed from my computer, because it only detected 1 file. What I'm trying to say is that it might have a "subfolder or file" and I can't trace it. Sorry, I'm just a computer noob trying hard. Can u recommend any software that could remove it totally? Because of that darned thing my emails got deleted, my online game account passwords have been changed and I can't play it. I've spent so much money on that game. :'(

snowbound
May 14th, 2007, 06:35 AM
Looks like u may need HijackThis help for this issue.

Register over at this site,

http://forum.gladiator-antivirus.com/index.php?showtopic=10517

follow the instructions at the link and the experts at Gladiators will guide u on removal of any potential malware found on your system.



snowbound

mantraisms
May 14th, 2007, 07:03 AM
Thanks snowbound. I'm installing HijackThis right now, I wish they could help me out.

snowbound
May 14th, 2007, 07:06 AM
-{ Quote: "Thanks snowbound. I'm installing HijackThis right now, I wish they could help me out." }-
You're welcome.

After u post your log at Gladiators just be patient as it's a busy place.



snowbound

mantraisms
May 14th, 2007, 07:30 AM
Er, snowbound, I think their site is having problems right now. I always end up with this error message:
This menu has been disabled

Gladiator Security Forum


Board Message
Sorry, an error occurred. If you are unsure on how to use a feature, or don't know why you got this error message, try looking through the help files for more information.

The error returned was:
Sorry, you are not permitted to use this board


You are not logged in, you may log in below

Even if I click register new account, or whatever I click, I always end up on that page???

snowbound
May 14th, 2007, 07:34 AM
It is possible there are problems at the moment.

Can u get to this page without error?

http://gladiator-antivirus.com/forum/index.php?act=Reg&CODE=00




snowbound

Pedro
May 14th, 2007, 08:29 AM
Are the cookies enabled for that site?

mantraisms
May 14th, 2007, 09:34 AM
@snowbound, nope, still can't get through. What about u? Can u view the website? I'm so worried about this keylogger, I know that what I'm typing right now is being recorded!

@Pedro, my cookie settings are default, "medium". I even tried to add the site to "allowed cookies". Darn, I'm so noob. >:(

mantraisms
May 14th, 2007, 09:40 AM
I found this information about Ardamax:

Ardamax Keylogger Lite
Ardamax Keylogger Lite is a free keystroke recorder that captures users activity and saves it to a log file. The log file can be viewed as a text or web page. Use this tool to find out what is happening on your computer while you're away, maintain a backup of your typed data automatically or use it to monitor your kids. Also you can use it as a monitoring device for detecting unauthorised access.

Keylogger Features:

It records every keystroke
Application monitoring - keylogger will record the application that was in use that received the keystroke!
Time/Date tracking - it allows you to pinpoint the exact time a window received a keystroke!
Other Features
Windows 95/98/NT/2000/XP support
Automatic startup
Selectable log viewer
Friendly interface


:ouch:

mantraisms
May 14th, 2007, 09:47 AM
I just finished a full scale scan using NOD32, AntiVir, SpyBot S&D, XoftSpy, Elite AntiKeylogger; nothing seems to detect it. The only time NOD32 detects the file is when I scan with AntiVir while NOD32 is running. NOD32 prompted me what to do so I chose to quarantine and delete it. But still, every time I scan with AntiVir while NOD32 is active, the same thing happens. Seems like I can't get rid of it.

ronjor
May 14th, 2007, 10:09 AM
First thing I would do is contact them for assistance. They may have a tip or two. http://www.ardamax.com/support.html

mantraisms
May 14th, 2007, 10:23 AM
Er, would they really give me tips on how to remove it? I was one of the victims of their software, which is shareware actually. I don't think they'll give me tips to remove it. Why, their paying customers wouldn't like it. That's what I think, but I'll try it, I'm desperate. Thank you for replying.

ronjor
May 14th, 2007, 10:27 AM
Worth a try. If not, plan b comes into effect. :D

mantraisms
May 14th, 2007, 10:43 AM
OK, just sent a message to them. My god, thanks for helpful guys like you, thanks for replying. I wish I knew how, when and why I have been infected by that keylogger, but I know the reason of the attacker: only to get my online game account. But then he messed up even my Friendster and emails.
Uhm, what plan B do u have in mind????

ronjor
May 14th, 2007, 10:48 AM
I would go to this forum and someone will assist you. Follow instructions. It's a smaller forum and you may get help a little faster there.


http://bfccomputerhelp.com/index.php?showtopic=323

Pedro
May 14th, 2007, 10:51 AM
Possibilities:

1- Backup all important files and folders, bookmarks, programs, etc.
Reinstall Windows, apply patches and SP2.
Then image the HD so you can always revert to the clean copy of Windows.
Next install all necessary programs, the ones you use daily.
Re-image the HD so you can always revert to this different setting.

This implies that you have an external HD for backups, and an imaging program. And the patience to do all this. The benefit: from here, you will always be prepared to revert Windows to a clean copy in minutes without hassle.

2- Keep trying and clean. The forum posted above should help you to clean everything. Alternatively, there are programs that you haven't tried yet. :)

mantraisms
May 14th, 2007, 11:02 AM
@ronjor, thanks for the site, I will now register first and try to look for help.
@Pedro, about the #1, I can't do that alone cause I am really noob on these kind of things. Why, I don't even know what's HD. I could call for a computer technician etc, but I know very well how much it would cost me so I'm trying for other methods and try to fix this myself. :( Could reformatting delete that keylogger? And can u name some software u think could remove it? Thanks so much guys. I really appreciate this help.

Pedro
May 14th, 2007, 11:19 AM
You've registered, so you must post and wait for help there, or a reply from the makers of said keylogger.

HD, sorry about that, is Hard Drive. Like the one your computer has. External HD is just a Hard Drive that can be plugged to your computer with USB for instance (USB is where you can plug a mouse, or a modem etc.)

Being an external HD, it's only plugged if you say so. You use it just like a CD, and backup files, etc.

An imaging program is a program that copies the entire content of your internal HD (the one inside the computer), bit by bit, so that even Windows goes with it. If you restore an image taken from your computer, everything will be just like you left it when you took the image. Everything you downloaded in between (after taking an image) is gone after you restore said image.

When you reformat a HD, yes, all malware will be gone, except exotic and theoretical malware (malware that you should ignore for now, it's like lightning, it won't happen to you in near future :) ).

Pedro
May 16th, 2007, 08:23 AM
BTW, Ardamax is now detected by Spybot S&D. Info from roddy32 (http://www.wilderssecurity.com/showthread.php?t=174768).
I would like to say besides this scanner, my preferred ones are SuperAntispyware (SAS), A-Squared free, AVG Antispyware and Spybot obviously.

After you clean it, be sure to get these / some of these, as backup scanners.