A few days ago I noticed that if I leave the system in standby hours, the antivirus (Kaspersky 6.0) detects something like this:

risk-not-a-virus: Monitor.Win32.Ardamax.24 File: C: WINDOWSsystem32SysExplorer. 006

then ...

Process (PID 3356) tried to access Kaspersky Anti-Virus 6.0 process (PID 1492), BUT It has been blocked. This is Self-Defense monitoring, and you do not Need to do anything.

I am interested in this Ardamax and found something about it on the website which is presented as a small virus spread and ... low risk .

Propagation: Mica

Discovered: 2006 May 09

Risk: Small

Size: 413 k

What I understand by BitDefender as "low risk" for him rated so I can not really understand, because Ardamax is a Trojan / Keylogger that hides pretty well in making the system capture passwords (ICQ Pro, Skype, Windows Messenger, Google Talk, Yahoo Messenger, Miranda, QiP, etc). Use C successfully:Windowssystem32svhost.exe to access a protocol for sending data from the computer to the outside. Enough for me to give him enough attention.

Is the creation of a novel virus and is usually sent through a link in email:

"Hello ionut Here I have set the program that all I said ... I give you and IPs to be there alone put them on the net when you go .. look me up! http:// [REMOVED] / vladutz2006 / "

Summit was that I got a virus antivirus archive downloaded from a torrent. Ingenious way to put a virus. Who did that who was convinced that anti-virus download an archive or not protected at all times has av. weak.

H:Key Kaspersky.Antivirus.2006.v6.0.0.303.Incl [11-Oct-2006]. RarelyKey Kaspersky.Antivirus.2006.v6.0.0.303.Incl [11-Oct-2006]Install.exe

For those "interested" archives viruses found and now: and


About the author


Passionate about everything that means gadget and IT, I am pleased to write on from 2006 and I love to discover new things about computers and macOS, Linux operating systems, Windows, iOS and Android.

Leave a Comment