new nod 3.0 didnt find old ardamxx keylogger

I tried out the new Nod32 3.0 RC1 and had done a whole scan of the drives, came up clean. Later on i was looking at the ports and programs that were open in nod32. It was just with luck that i noticed port 25 open and yahoo smtp uploading to a mailbox. It turned off after 10 secs. It had gone. I thought that strange i have no yahoo and not using port 25. Something was amiss. I rescanned with nod, Nothing. I then downloaded prevx csi free scanner and it had found the ardamaxx scanner 2006 but couldnt remove due to it being free version. I thought wow Nod32 should of found this. Is it because its new 3.0 beta i thought. Hmmmm. Anyway i managed to get rid of it using kaspersky straight away. It found it immediately on bootup after install. No thanks to nod but my keen eye found it. Most would of been none the wiser it was there.

 

You haven't enabled detection for potentially unsafe tools . Eset detect this as such unsafe tool because it is commercial application.

See , it is detected:




By the way , the home page of ardamax must have been hacked because upon opening the index , my ESS (web protection in Passive mode) detected the ANI exploit and IE7 crashed ,no matter mine is updated

 

well thanks for your info+screenshot, that explains it.

wow

 

You are welcome!