TFARCHIVE FORUMS

My brother told me one of his friend in school send him a file named ''Facebook'' and extracted it and double-clicked on the only file named ''Install''. Then a window popped up and asked if he wanted to install ''Ardamax Keylogger'' and clicked yes. Then he told me that my anti-spyware popeed up and asked something but closed it. He said he didn't read and just closed it.

Now I don't know if it installed or if that thing is bad. I did get a window pop-up from Norton Security tellnig me that a program file ''HDTX'' was trying to access the internet and asked me if I wanted to block its connection, which I did.

What should I do???



So far I scanned my computer with Spybot, detected multiple HDTX and a another program I forgot the name. Its was something AKI or something.

Scanned with Ad-Aware, found two files and deleted them. Windows Defender didn't found anything.

But all of them I scanned fast, I didn't do full scan except Spybot.

And I restored my system to what it was on June 6. Did that help?

Then I did a full scan with Ad-Aware and found one Ardamax Keylogger in the system volume something.

SimonMK wrote:What should I do???

Stick a crochet needle into his ear and twist.

Oh right, the computer.

Don't blow off doing full scans when you know there's a strong probability of something hiding, especially when a system restore point hasn't done the job.

The keylogger in question is a commercial product -- http://www.ardamax.com/keylogger/ -- meaning it's likely it's been modified by a third party to route captured output to a particular address (as well as installing any other crap whoever did it fancies.) They didn't do a very thorough job if the logger was still labelled as per the original installer, though.

Is there anyway to know if there any of it left in my computer?

I did multiple full scans yesterday and didn't find anything related to Ardamax.

In another board, I was told to check that website:

http://www.spywareremove.com/removeArda ... ogger.html

So I used the SpyHunter thing, didn't detect anything too. I followed the steps for manual removal and also found nothing.

Am I safe now?

SimonMK wrote:Am I safe now?

Have you stabbed your friend in the ear, as per instructions? Prevention > Cure.

SimonMK wrote:Am I safe now?

Don't assume it was software as supplied by the developers of the keylogger that was installed, or that it was the only thing installed.

Denyer wrote:Don't assume it was software as supplied by the developers of the keylogger that was installed, or that it was the only thing installed.

From what my brother said, one of his friend in his school send him a folder called ''Facebook'' which it was typed that was photos of his marriage.

It was a zip file, my brother extracted it and inside was a program called just ''Install''. Double-clicked on it, a window appear and disappear very quickly then another window appeared and asked if he wanted to install ''Ardamax Keylogger'' which my brother didn't know what it was.

He clicked ''Yes'' then nothing happened except my ''Spybot- Search & Destroy'' detected something and a window of it appeared but he closed it.

Thats all I know from what happened. He did say he going to talk with the friend in his school but didn't seen him the whole day.