Computer noob got his pc infected with ardamax keylogger.

Discussion in 'privacy problems' started by mantraisms, May 14, 2007.

Thread Status:
Not open for further replies.
  1. mantraisms

    mantraisms Registered Member

    Joined:
    May 14, 2007
    Posts:
    10
    Can anyone tell me how to remove a certain ardamax keylogger from my computer? My online game account passwords have been changed, my friendster list is deleted and my other email accounts. Been a week before Nod32 found that ardamax keylogger inside my computer. but Im still not sure if its fully removed. Im a computer noob. Need an expert's assistance.:'(
     
  2. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
  3. mantraisms

    mantraisms Registered Member

    Joined:
    May 14, 2007
    Posts:
    10
    ericalbert, thanks for your reply, i think that's the website from which my attacker downloaded the file. i tried using NOD32 but it can't detect any keylogger, i downloaded AntiVir and installed it without uninstalling NOD32, now after scanning, NOD32 popped up a message that antivir has a win32/keylogger.Ardamax.Keylogger, i don't understand now wha'ts happening to my computer. i tried to quarantine it but im still not sure if its totally removed from my computer, because it only detected 1 file, what im trying to say is that it might have a "subfolder or file" and i can't trace it. sorry im just a computer noob trying hard. can u recommend any software that could remove it totally? because of that darned thing my emails got deleted, my online game account passwords have been changed and i can't play it, i've spent so much money on that game.:'(
     
  4. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
  5. mantraisms

    mantraisms Registered Member

    Joined:
    May 14, 2007
    Posts:
    10
    thanks snowbound. im installing hijackthis right now, i wish they could help me out.
     
  6. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    You're welcome.

    After u post your log at Gladiators just be patient as it's a busy place.



    snowbound
     
  7. mantraisms

    mantraisms Registered Member

    Joined:
    May 14, 2007
    Posts:
    10
    er, snowbound, i think their site is having problems right now. i always end up with this error message,
    This menu has been disabled

    Gladiator Security Forum


    Board Message
    Sorry, an error occurred. If you are unsure on how to use a feature, or don't know why you got this error message, try looking through the help files for more information.

    The error returned was:
    Sorry, you are not permitted to use this board


    You are not logged in, you may log in below

    even if i click register new account, or whatever i click, i always end up on that pageo_O
     
  8. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
  9. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Are the cookies enabled for that site?
     
  10. mantraisms

    mantraisms Registered Member

    Joined:
    May 14, 2007
    Posts:
    10
    @snowbound, nope still can't get through. what about u? can u view the website? im so worried about this keylogger, i know that what im typing right now is being recorded!

    @Pedro, my cookies settings is default, "medium" i even tried to add the site for "allowed cookies" darn im so noob.:mad:
     
  11. mantraisms

    mantraisms Registered Member

    Joined:
    May 14, 2007
    Posts:
    10
    i found this one information about ardamax;

    Ardamax Keylogger Lite
    Ardamax Keylogger Lite is a free keystroke recorder that captures users activity and saves it to a log file. The log file can be viewed as a text or web page. Use this tool to find out what is happening on your computer while your away, maintain a backup of your typed data automatically or use it to monitor your kids. Also you can use it as a monitoring device for detecting unauthorised access.

    Keylogger Features:

    It records every keystroke
    Application monitoring - keylogger will record the application that was in use that received the keystroke!
    Time/Date tracking - it allows you to pinpoint the exact time a window received a keystroke!
    Other Features
    Windows 95/98/NT/2000/XP support
    Automatic startup
    Selectable log viewer
    Friendly interface


    :ouch:
     
  12. mantraisms

    mantraisms Registered Member

    Joined:
    May 14, 2007
    Posts:
    10
    i just finished full scale scan using NOD32, AntiVir, SpyBot S&D, XoftSpy, Elite AntiKeylogger, nothing seems to detect it. the only time NOD32 detects the file is when i scan with AntiVir while NOD32 is running, NOD32 prompted me what to do so i chose to quarantine and delete it. but still every time i scan with AntiVir while NOD32 is active, the same thing happens. seems like it can't get rid of.
     
  13. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,779
    Location:
    Texas
  14. mantraisms

    mantraisms Registered Member

    Joined:
    May 14, 2007
    Posts:
    10
    er, would they really give me tips how to remove it? i was one of the victim of their software, which is shareware actually. i don't think they'll give me tips to remove it, why, their paying customers wouldn't like it. that's what i think, but i'll try it, im desperate. thank you for replying.
     
  15. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,779
    Location:
    Texas
    Worth a try. If not, plan b comes into effect. :D
     
  16. mantraisms

    mantraisms Registered Member

    Joined:
    May 14, 2007
    Posts:
    10
    ok, just sent a message to them. my god thanks for helpful guys like you, thanks for replying. i wish i knew how,when and why i have been infected by that keylogger, but i know the reason of the attacker. only to get my online game account. but then he messed up even my friendster and emails.
    uhm. what plan b do u have in mindo_O?
     
  17. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,779
    Location:
    Texas
  18. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Possibilities:

    1- Backup all important files and folders, bookmarks, programs, etc.
    Reinstall Windows, apply patches and SP2.
    Then image the HD so you can always revert to the clean copy of Windows.
    Next install all necessary programs, the ones you use daily.
    Re-image the HD so you can always revert to this different setting.

    This implies that you have an external HD for backups, and an imaging program. And the patience to do all this. The benefit: from here, you will always be prepared to revert Windows to a clean copy in minutes without hassle.

    2- Keep trying and clean. The forum posted above should help you to clean everything. Alternatively, there are programs that you haven't tried yet:) .
     
  19. mantraisms

    mantraisms Registered Member

    Joined:
    May 14, 2007
    Posts:
    10
    @ronjur, thanks for the site, i will now register first and try to look for help.
    @Pedro, about the #1, i can't do that alone cause i am really noob on these kind of things. why, i dont even know what's HD. I could call for a computer techinician etc, but i know very well how much it would cost me so im trying for other methods and try to fix this myself. :( Could reformatting delete that keylogger? And can u name some software u think could remove it? thanks so much guys. i realiy appreciate this help.
     
  20. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    You've registered, so you must post and wait for help there, or a reply from the makers of said keylogger.

    HD, sorry about that, is Hard Drive. Like the one your computer has. External HD is just a Hard Drive that can be plugged to your computer with USB for instance (USB is where you can plug a mouse, or a modem etc.)

    Being an external HD, it's only plugged if you say so. You use it just like a CD, and backup files, etc.

    An imaging program is a program that copies the entire content of your internal HD (the one inside the computer), bit by bit, so that even Windows goes with it. If you restore an image taken from your computer, everything will be just like you left it when you took the image. Everything you downloaded in between (after taking an image) is gone after you restore said image.

    When you reformat a HD, yes, all malware will be gone, except exotic and theoretical malware (malware that you should ignore for now, it's like lightning, it won't happen to you in near future:) ).
     
  21. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    BTW, Ardamax is now detected by Spybot S&D. Info from roddy32.
    I would like to say besides this scanner, my prefered ones are SuperAntispyware (SAS), A-Squared free, AVG Antispyware and Spybot obviously.

    After you clean it, be sure to get these / some of these, as backup scanners.
     
Thread Status:
Not open for further replies.