tubui Posted May 4, 2005 Posted May 4, 2005 Hi all I need serious help. My sister downloaded something on the computer, and whenever I boot up the computer it says Ardamax Keylogger, 7 days left please enter serial.. So I used ad aware, avg free edition scanner, spyware blaster, spybot search and destroy and spyware doctor. I have no idea if I deleted or not but whenever I boot up the computer it still pop up the enter serial splash.Please help me remove this. I seached all over google.Please list any programs/advice possible to prevent future keylogs and to delete. Thank you!
KJxp Posted May 5, 2005 Posted May 5, 2005 http://www3.ca.com/securityadvisor/pest/pe...px?id=453079467http://labs.paretologic.com/spyware.aspx?remove=Ardamaxhttp://securityresponse.symantec.com/avcen...re.ardakey.html
tubui Posted May 5, 2005 Author Posted May 5, 2005 The first link, I did not find what they want me to delete.. And the 2nd link I already tried that program.. Nothing was found.. The 3rd link, I don't have Symantec..I think I deleted it when I scanned with the above programs but I want to know why is the splash screen still popping up everytime my window starts..
KJxp Posted May 5, 2005 Posted May 5, 2005 If you see the splash screen BEFORE the standard WinXP startup screen (the black one with the small logo in the middle), then what is the contents of the "BootExecute" in yourHKLM\SYSTEM\CurrentControlSet\Control\Session Managerregistry key?Also try HijackThis from http://www.spywareinfo.com/~merijn/downloads.html
tubui Posted May 5, 2005 Author Posted May 5, 2005 If you see the splash screen BEFORE the standard WinXP startup screen (the black one with the small logo in the middle), then what is the contents of the "BootExecute" in yourHKLM\SYSTEM\CurrentControlSet\Control\Session Managerregistry key?Also try HijackThis from http://www.spywareinfo.com/~merijn/downloads.html<{POST_SNAPBACK}>What?? Ok, I see the splash of Ardamax when I login to my user account.. What do you mean the black one with the small logo in the middle..
dman Posted May 5, 2005 Posted May 5, 2005 This may sound silly, but did you check "add/remove programs"? This program is available for sale as a legit product. since it is advertising its presence it is doubtful that it is an attack.BTW, how you make out with lost partitions?http://www.ardamax.com/keylogger.html
KJxp Posted May 5, 2005 Posted May 5, 2005 >What do you mean the black one with the small logo in the middle.See this picture: http://mysite.verizon.net/res908jb/boot.gifIf your getting it after that screen, then nevermind the BootExecute thing. Like dman said, try removing it from ControlPanel>Add/Remove Programs.
tubui Posted May 6, 2005 Author Posted May 6, 2005 Its not on remove/add programs and I see about that logo. It boots AFTER that.. The thing is that, my sister downloaded this 'hack' for this game. And it had Blazing Tool Perfect Key Logger in it along with Ardamax.. I got rid of bpk, and I think Ardamax also.. But I don't get why its still popping up Ardamax..And about the partitions, its still going bad =(EDIT:The keylogging problem was solved. It turned out that a registry called "Update_Centre" was causing the license key to pop up at startup.. I removed everything except for this.No wonder my Spyware Doctor was showing up that this was blocked in the keylogging section.. But I couldn't find the folder System32 in WINDOWS... Does anyone know why?
KJxp Posted May 6, 2005 Posted May 6, 2005 Do you have system folders hidden?In Explorer: Tools menu > Folder Options > View tab >"Show hidden files and folders"& "Hide protected operating system files"
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now