Ardamax Keylogger Results

Discussion in 'Image Gallery' started by spy1, Jun 11, 2008.

Thread Status:
Not open for further replies.
  1. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    In reference to this thread: http://www.misec.net/forum/board/THGuard/1213034745


    6/11/2008 8:40:01 AM Real-time file system protection file C:\Program Files\PDM\PDM.exe a variant of Win32/KeyLogger.Ardamax application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\Program Files\TrojanHunter 5.0\TrojanHunter.exe.
     

    Attached Files:

  2. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    I updated the thread there at the TH forum, if anyone's interested. Pete

    NOD32 caught it by itself when I finally set NOD right

    6/11/2008 11:04:38 AM Real-time file system protection file C:\PROGRAM FILES\PDM\PDM.EXE a variant of Win32/KeyLogger.Ardamax application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\Program Files\PDM\PDM.exe.

    *Note - All results posted here were done using only the trial version of the keylogger - I have no idea whether results would vary if I used the full version, because I'm not about to purchase it. The full version has a lot of nifty "stealth" features that the "trial" version doesn't. So, detection of the "full" (registered) version is problematic. I'm sure you're all also aware of the fact that someone with un-hindered access to your computer could both install, hide and allow the keylogger to run invisibly if you did not have your A/V pass-word protected (same goes for SpyCop).
     
    Last edited: Jun 11, 2008
Thread Status:
Not open for further replies.