View full version: Please Help Me



amritsaini
10.01.2008, 18:13
I got a warning from my Windows Defender

C:\Program Files\HTV\HTV.006

Please tell me what I do

Waiting for your reply

Thanks

AndreyKa
10.01.2008, 18:28
Did you install "Ardamax Keylogger"?


Please tell me what I do
Implement the Rules (http://virusinfo.info/showthread.php?t=9184) step by step.

amritsaini
11.01.2008, 08:03
Okay, I read the rules

I have Windows Vista 32 bit Ultimate version

Yes, I installed Ardamax Keylogger

What I do, please tell me

AndreyKa
11.01.2008, 10:57
What I do, please tell me
Relax.

drongo
11.01.2008, 11:07
You should do 3 logs and attach them to this topic :)
Read the rules again ;-)
Remember: you should run AVZ and HijackThis by right-clicking on them, choosing an administrator account and putting in a suitable password.
HTV.006 99% is from Ardamax Keylogger - you should uninstall Ardamax Keylogger, because it will disturb our investigation process. Maybe you got other things that "Windows Defender" is unable to see.

amritsaini
11.01.2008, 18:22
How do I uninstall Ardamax?

Rene-gad
11.01.2008, 21:21
How do I uninstall Ardamax?
How/in what language can we explain to you that you must make 3 logs following the rules? Without these we could only recommend that you flatten and rebuild your system.

NickGolovko
12.01.2008, 06:41
Looks like we should change something in our rules. People behave as if the rules were not intelligible.

XP user
12.01.2008, 10:43
Looks like we should change something in our rules. People behave as if the rules were not intelligible.
No, Nick. The rules are perfectly all right. The user is confused by the following:

you should uninstall Ardamax Keylogger, because it will disturb our investigation process. (C) drongo (post 5)
That is a VERY serious warning and something that cannot really be done by using the Add/Remove feature in Windows. You cannot blame the user for trying *not* to 'disturb the investigation process'. ;)

@ amritsaini:

Below are the instructions for manual removal of the Ardamax Keylogger from spywareremove.com. BUT:
You may ruin your system if you don't know what you're doing. Therefore, I urge you to just follow the rules which you can find here (http://virusinfo.info/showthread.php?t=9184).

Manual Removal of Ardamax Keylogger (for experts only!)

Step 1 : Use Windows File Search Tool to Find Ardamax Keylogger Path
1. Go to Start > Search > All Files or Folders.
2. In the "All or part of the file name" section, type in "Ardamax Keylogger" file name(s).
3. To get better results, select "Look in: Local Hard Drives" or "Look in: My Computer" and then click "Search" button.
4. When Windows finishes your search, hover over the "In Folder" of "Ardamax Keylogger", highlight the file and copy/paste the path into the address bar. Save the file's path on your clipboard because you'll need the file path to delete Ardamax Keylogger in the following manual removal steps.

Step 2 : Use Windows Task Manager to Remove Ardamax Keylogger Processes
1. To open the Windows Task Manager, use the combination of CTRL+ALT+DEL or CTRL+SHIFT+ESC.
2. Click on the "Image Name" button to search for "Ardamax Keylogger" process by name.
3. Select the "Ardamax Keylogger" process and click on the "End Process" button to kill it.
4. Remove the "Ardamax Keylogger" processes files:
nsk.exe
akv.exe
akl.exe

Step 3 : Use Registry Editor to Remove Ardamax Keylogger Registry Values
1. To open the Registry Editor, go to Start > Run > type regedit and then press the "OK" button.
2. Locate and delete the entry or entries whose data value (in the rightmost column) is the spyware file(s) detected earlier.
3. To delete "Ardamax Keylogger" value, right-click on it and select the "Delete" option.
4. Locate and delete "Ardamax Keylogger" registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ardamax Keylogger
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\App Paths\akl.exe
HKEY_CURRENT_USER\Software\Ardamax Keylogger Lite
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\NSK
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Ardamax Keylogger

Step 4 : Use Windows Command Prompt to Unregister Ardamax Keylogger DLL Files
1. To open the Windows Command Prompt, go to Start > Run > type cmd and then click the "OK" button.
2. Type "cd" in order to change the current directory, press the "space" button, enter the full path to where you believe the Ardamax Keylogger DLL file is located and press the "Enter" button on your keyboard. If you don't know where Ardamax Keylogger DLL file is located, use the "dir" command to display the directory's contents.
3. To unregister "Ardamax Keylogger" DLL file, type in the exact directory path + "regsvr32 /u" + [DLL_NAME] (for example, C:\Spyware-folder\> regsvr32 /u "Ardamax Keylogger.dll") and press the "Enter" button. A message will pop up that says you successfully unregistered the file.
4. Search and unregister "Ardamax Keylogger" DLL files:
kh.dll
il.dll

Step 5 : Detect and Delete Other Ardamax Keylogger Files
1. To open the Windows Command Prompt, go to Start > Run > type cmd and then press the "OK" button.
2. Type in "dir /A name_of_the_folder" (for example, C:\Spyware-folder), which will display the folder's content, including the hidden files.
3. To change directory, type in "cd name_of_the_folder".
4. Once you have the file you're looking for, type in "del name_of_the_file".
5. To delete a file in folder, type in "del name_of_the_file".
6. To delete the entire folder, type in "rmdir /S name_of_the_folder".
7. Select the "Ardamax Keylogger" process and click on the "End Process" button to kill it.
8. Remove the "Ardamax Keylogger" processes files:
settings.ini
akv.ini
kh.dll
il.dll
nsk.exe
akv.exe
Paul
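
A read-only check for the artifacts named in the removal steps above, as an added example that is not part of the original post or of the spywareremove.com instructions: it reports which of the listed files, registry entries and processes are present and deletes nothing. The install folder is assumed from the path in the first post's Windows Defender warning, and the two Run entries are assumed to be values under the Run key rather than subkeys.

```powershell
# Read-only audit: reports which artifacts named in the post are present.
# Nothing is deleted or modified.

# Assumption: install folder taken from the Defender warning in the first post.
$installDir = 'C:\Program Files\HTV'

# File and process names as listed in the post.
$files     = 'settings.ini','akv.ini','kh.dll','il.dll','nsk.exe','akv.exe','akl.exe'
$processes = 'nsk','akv','akl'    # Get-Process takes names without ".exe"

# Registry keys as listed in the post.
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ardamax Keylogger',
    'HKLM:\SOFTWARE\Microsoft\Windows\App Paths\akl.exe',
    'HKCU:\Software\Ardamax Keylogger Lite'
)

# Assumption: autostart entries are stored as values under the Run key.
$runKey    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$runValues = 'NSK','Ardamax Keylogger'

$findings = @()

foreach ($f in $files) {
    $p = Join-Path $installDir $f
    if (Test-Path -LiteralPath $p) { $findings += "FILE     $p" }
}

foreach ($k in $keys) {
    if (Test-Path -LiteralPath $k) { $findings += "REGKEY   $k" }
}

$run = Get-ItemProperty -LiteralPath $runKey -ErrorAction SilentlyContinue
foreach ($v in $runValues) {
    # Indexing Properties by name returns $null when the value does not exist.
    if ($run -and $run.PSObject.Properties[$v]) {
        $findings += "RUNVALUE $v = $($run.$v)"
    }
}

foreach ($proc in Get-Process -Name $processes -ErrorAction SilentlyContinue) {
    $findings += "PROCESS  $($proc.Name) (PID $($proc.Id))"
}

if ($findings) { $findings } else { 'No listed Ardamax Keylogger artifacts found.' }
```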

drongo
12.01.2008, 11:08
p2u, sorry.
I did know that a commercial program haven't real uninstaller, that will remove all drivers, keys, etc...

amritsaini
12.01.2008, 18:22
Thanks P2U

drongo
15.01.2008, 20:30
Support from Ardamax: that this tool can help
http://ardamax.com/downloads/aklremover.exe