Ardamax.A

A few days ago I noticed that if I leave the system in standby for hours, the antivirus (Kaspersky 6.0) detects something like this:

riskware not-a-virus: Monitor.Win32.Ardamax.24 File: C:\WINDOWS\system32\SysExplorer.006

then ...

Process (PID 3356) tried to access Kaspersky Anti-Virus 6.0 process (PID 1492), but it has been blocked. This is Self-Defense monitoring, and you do not need to do anything.

I got interested in this Ardamax and found something about it on the website, where it is presented as a virus with little spread and ... low risk.

Propagation: Little

Discovered: 2006 May 09

Risk: Small

Size: 413k

Why BitDefender rates it as "low risk" I cannot really understand, because Ardamax is a Trojan / keylogger that hides pretty well in the system and captures passwords (ICQ Pro, Skype, Windows Messenger, Google Talk, Yahoo Messenger, Miranda, QIP, etc.). It successfully uses C:\Windows\system32\svhost.exe to access a protocol for sending data from the computer to the outside. That is enough for me to give it proper attention.
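A triage check for the two artifacts named above, a lookalike of `svchost.exe` and a file with a three-digit numeric extension in `system32`; this is an added example, not code from the original post. It assumes `svhost.exe` is a lookalike name rather than a typo, and the binary list, function names and sample listing are constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Legitimate Windows binaries often imitated by lookalike names (short, non-exhaustive list).
KNOWN_SYSTEM_BINARIES = ("svchost.exe", "explorer.exe", "lsass.exe", "services.exe", "winlogon.exe")
NUMERIC_EXT = re.compile(r"^\.\d{3}$")  # e.g. ".006"


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def triage(paths):
    """Return (path, reason) pairs for files under system32 worth a manual look."""
    findings = []
    for raw in paths:
        p = PureWindowsPath(raw)
        if "system32" not in (part.lower() for part in p.parts):
            continue
        name = p.name.lower()
        if NUMERIC_EXT.match(p.suffix):
            findings.append((raw, "numeric extension in system32"))
        for legit in KNOWN_SYSTEM_BINARIES:
            # One edit away from a real binary name, but not the real name itself.
            if name != legit and edit_distance(name, legit) == 1:
                findings.append((raw, f"lookalike of {legit}"))
    return findings


# Constructed sample listing; svhost.exe and SysExplorer.006 are the names quoted in the post.
SAMPLE = [
    r"C:\WINDOWS\system32\svchost.exe",
    r"C:\WINDOWS\system32\svhost.exe",
    r"C:\WINDOWS\system32\SysExplorer.006",
    r"C:\WINDOWS\system32\notepad.exe",
    r"C:\Users\me\report.001",
]

if __name__ == "__main__":
    for path, reason in triage(SAMPLE):
        print(f"{path}: {reason}")
```

A hit is only a prompt for manual review: check the file's signature, creation time and the process that loads it before acting.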

It is a novel virus and is usually sent through a link in an email:

"Hello ionut Here I have set the program that all I said ... I give you and IPs to be there alone put them on the net when you go .. look me up! http:// [REMOVED] / vladutz2006 / client.zip "

The irony is that I got the virus from an antivirus archive downloaded from a torrent. An ingenious way to plant a virus. Whoever did it was convinced that someone who downloads an antivirus archive is either not protected at all or has a weak AV.

H:Key Kaspersky.Antivirus.2006.v6.0.0.303.Incl [11-Oct-2006]. RarelyKey Kaspersky.Antivirus.2006.v6.0.0.303.Incl [11-Oct-2006]Install.exe

For those "interested", the virus archives can still be found now at: dosc.torrents.ro and www.demonoid.com.


About the author

Stealth

Passionate about everything that means gadgets and IT, I have been writing with pleasure on stealthsettings.com since 2006, and I like to discover with you new things about computers and the operating systems macOS, Linux, Windows, iOS and Android.
