Author Topic: found this in Avast folder using Avast scanner  (Read 3502 times)

stone

  • Guest
found this in Avast folder using Avast scanner
« on: June 29, 2006, 04:11:52 AM »
Any idea on what the below is? Avast found this in the Avast folder.

windowsxpactivationhackhomeoemregfile.exe


Stone!

mauserme

  • Guest
Re: found this in Avast folder using Avast scanner
« Reply #1 on: June 29, 2006, 05:35:22 AM »
I have no idea what it is but it's obviously not an avast! file. What is the exact path?

Did avast! give a virus warning? If so, what virus?

Is this a new avast! installation and, if it is, where did you download from?

stone

  • Guest
Re: found this in Avast folder using Avast scanner
« Reply #2 on: June 29, 2006, 06:11:04 AM »
Quote from: mauserme
> I have no idea what it is but it's obviously not an avast! file. What is the exact path?
>
> Did avast! give a virus warning? If so, what virus?
>
> Is this a new avast! installation and, if it is, where did you download from?

This is a new installation of Avast; got Avast from the Avast website. Below is what I get in the log, hope it helps solve it. It came up as malware, Avast removed it? By the looks of it, the locations were in OE (do not use) and Avast.

Just want to find out what this is?

28/06/2006 7:27:25 AM   Stone   1340   Sign of "Win32:Ardamax-gen [Tool]" has been found in "C:\Documents and Settings\Stone\Local Settings\Application Data\Identities\{CC566243-1628-48E9-8C5A-9B255C1C8CE6}\Microsoft\Outlook Express\alt.windows-xp.dbx\windowsxpactivationhackhomeoemregfile.eml#608096\windowsxpactivationhackhomeoemregfile.zip#1768320716\windowsxpactivationhackhomeoemregfile.exe" file. 

28/06/2006 7:49:21 AM   Stone   1340   Sign of "Win32:Ardamax-gen [Tool]" has been found in "C:\Program Files\Alwil Software\Avast4\windowsxpactivationhackhomeoemregfile.exe\windowsxpactivationhackhomeoemregfile.exe" file.


Stone!
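Added example, not part of any post in this thread: a small Python parser that splits the two log entries quoted above into the file that actually sits on disk and the members the scanner unpacked from it. The line layout is inferred from those two entries only, and `parse_detection`, `MEMBER_TAG` and the `CONTAINER_EXT` list are names and heuristics assumed for this example.

```python
import ntpath
import re

# Line layout inferred from the two entries quoted in the post (assumption):
#   <date> <time>  <user>  <id>  Sign of "<name>" has been found in "<path>" file.
LINE_RE = re.compile(
    r'^(?P<when>\d{2}/\d{2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M)\s+(?P<user>\S+)\s+\d+\s+'
    r'Sign of "(?P<sig>[^"]+)" has been found in "(?P<path>[^"]+)" file\.$')
MEMBER_TAG = re.compile(r'#\d+$')   # numeric suffix on nested members, e.g. ".eml#608096"
CONTAINER_EXT = {'.dbx', '.eml', '.zip', '.exe'}   # heuristic list (assumption)

def parse_detection(line):
    """Split one log entry into signature, on-disk file and nested members."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    parts = m.group('path').split('\\')
    # The first component with a container-like extension is taken to be the
    # real file on disk; everything after it is a member the scanner unpacked.
    cut = len(parts) - 1
    for i, part in enumerate(parts):
        if ntpath.splitext(MEMBER_TAG.sub('', part))[1].lower() in CONTAINER_EXT:
            cut = i
            break
    return {
        'when': m.group('when'),
        'signature': m.group('sig'),
        'on_disk': '\\'.join(parts[:cut + 1]),
        'nested': [MEMBER_TAG.sub('', p) for p in parts[cut + 1:]],
    }

# The two entries from the post above, copied as posted.
SAMPLE = [
    r'28/06/2006 7:27:25 AM   Stone   1340   Sign of "Win32:Ardamax-gen [Tool]" has been found in "C:\Documents and Settings\Stone\Local Settings\Application Data\Identities\{CC566243-1628-48E9-8C5A-9B255C1C8CE6}\Microsoft\Outlook Express\alt.windows-xp.dbx\windowsxpactivationhackhomeoemregfile.eml#608096\windowsxpactivationhackhomeoemregfile.zip#1768320716\windowsxpactivationhackhomeoemregfile.exe" file. ',
    r'28/06/2006 7:49:21 AM   Stone   1340   Sign of "Win32:Ardamax-gen [Tool]" has been found in "C:\Program Files\Alwil Software\Avast4\windowsxpactivationhackhomeoemregfile.exe\windowsxpactivationhackhomeoemregfile.exe" file.',
]

if __name__ == '__main__':
    for entry in SAMPLE:
        d = parse_detection(entry)
        print(d['signature'], '|', d['on_disk'], '|', ' > '.join(d['nested']))
```

For the first entry the on-disk file resolves to the Outlook Express store `alt.windows-xp.dbx`, with the `.eml`, `.zip` and `.exe` as nested members inside it.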

mauserme

  • Guest
Re: found this in Avast folder using Avast scanner
« Reply #3 on: June 29, 2006, 01:41:09 PM »
Ardamax is a commercial keylogger. One of the features described on their web site might apply to you (assuming you didn't install this):

"Engine Builder - creates a customized Ardamax Keylogger engine file. You can email this file to your target for remote monitoring. "

The web site is here

http://www.ardamax.com/keylogger.html

stone

  • Guest
Re: found this in Avast folder using Avast scanner
« Reply #4 on: June 29, 2006, 03:41:06 PM »
Quote from: mauserme
> Ardamax is a commercial keylogger. One of the features described on their web site might apply to you (assuming you didn't install this):
>
> "Engine Builder - creates a customized Ardamax Keylogger engine file. You can email this file to your target for remote monitoring. "
>
> The web site is here
>
> http://www.ardamax.com/keylogger.html

This was not installed, just glad it got removed.

Stone!