Click on screenshot to zoom
Danger level 8
Type: Keyloggers

MonitoringTool.Ardamax

MonitoringTool.Ardamax is a commercial Keylogger application, which was designed to record and capture all actions on a computer system, including the keystrokes entered into the system.

MonitoringTool.Ardamax is highly capable of being configured to stealth mode, complete with password protection, so as to remain undetected by the system’s user, and in order to carry out its objectives, undisturbed.

MonitoringTool.Ardamax is a powerful, invisible keylogger that will log a users’ activity and save it to an encrypted log file.

The thing that sets MonitoringTool.Ardamax apart from most keyloggers is the fact that MonitoringTool.Ardamax is highly customized, easy to use, and creates exceptionally small custom keylogger engines, in order to deploy these keylogger engines on remote platforms.

MonitoringTool.Ardamax is notorious for capturing all keyboard activities to a file. Each character typed on the keyboard is logged, which is then used to monitor the activity of the user.

MonitoringTool.Ardamax will continue to log the names of programs used and the date and time of the inputted characters. All access to the Keylogger is password protected and is only made possible via the MonitoringTool.Ardamax control panel.

MonitoringTool.Ardamax is sometimes configured in such a manner so as to allow for the logging of every web page the user visits, as well as to record all keystrokes that the user enters on the keyboard.

MonitoringTool.Ardamax may also be capable of severely violating an infected system’s privacy, and the safety of personal and financial data, making no exclusion of banking and credit card information.

In order to protect a computer system from the threat of MonitoringTool.Ardamax one should adhere to the following rules:

1. Keep your Windows security updated
2. Download and install a reliable and competent antispyware application; one that will recognise the current MonitoringTool.Ardamax threat, as well as any other forms of spyware, malware, viruses, worms, etc.

The most important thing to remember when it comes to this PC parasite, MonitoringTool.Ardamax, is to remove it as soon as it has been detected on a computer system.

Download Spyware Removal Tool to Remove* MonitoringTool.Ardamax
  • Quick & tested solution for MonitoringTool.Ardamax removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove MonitoringTool.Ardamax

Files associated with MonitoringTool.Ardamax infection:

TND.exe
HFBL.exe
LMXS.007
EVDP.exe
HFBL.007
Explorer.exe
system32EFQX.exe
MTVA.exe
NWGM.006
system32SADU.007
WindowsTEYQ.exe
RXMP.exe
NWGM.006
MTVA.exe
HFBL.007
HFBL.006
DGJL.exe
Explorer.exe
RLNH.007
LMXS.007
norton-db.007
system32SADU.007
system32SADU.exe
TND.exe
akl.exe
NBAW.exe
HFBL.exe
system32EFQX.exe
EVDP.exe
ECMI.exe
NBAW.exe
RLNH.007
system32SADU.exe
WindowsTEYQ.exe
akl.exe
DGJL.exe
RXMP.exe
HFBL.006
norton-db.007

MonitoringTool.Ardamax processes to kill:

MTVA.exe
TND.exe
system32SADU.exe
RXMP.exe
akl.exe
system32EFQX.exe
EVDP.exe
DGJL.exe
WindowsTEYQ.exe
RXMP.exe
MTVA.exe
DGJL.exe
Explorer.exe
system32SADU.exe
TND.exe
akl.exe
NBAW.exe
HFBL.exe
system32EFQX.exe
EVDP.exe
ECMI.exe
WindowsTEYQ.exe
HFBL.exe
Explorer.exe
NBAW.exe

Remove MonitoringTool.Ardamax registry entries:

HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN ECMI Agent
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN EVDP
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN system32EFQX Agent
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN HFBL Agent
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN NBAW Agent
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN Ardamax Keylogger
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN TND
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN system32SADU Agent
RUNNING PROGRAMexplorer.exe
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ECMI Agent
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ EVDP
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ system32EFQX Agent
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ HFBL Agent<
Disclaimer

Comments

  1. y Jul 2, 2011

    what???

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.