Now that you've received a copy of this, have you tested to see whether or not WormGuard would have stopped it? Pete

Pete,

Since this is your signature:

-{ Quote: "Compaq Presario 7110US, 1.3GHz Athlon w/384KB On-Chip Cache Memory, 768MB PC2100 DDR RAM, 60.0GB MAXTOR UltraDMA HD, WinXP Pro w/SP1, IE6.0 w/SP1, TDS-3, WormGuard, Port Explorer, NOD32, SpyBlocker 6.2, OutPost Pro, ALL javacool programs, SBS&D, SPYCOP" }-

I'll take it this is a rethorical question? ;)

regards.

paul

Believe it or not - I somehow got "over-looked" when copies were being mailed.

Go figure! ;D Pete

-{ Quote: " quoting: spy1 link=board=6;threadid=10419;start=0#msg67601 date=1055886102]
Believe it or not - I somehow got "over-looked" when copies were being mailed.

Go figure! ;D Pete
" }-

No way - can't believe that's actually true ;D

regards.

paul

Most definitely, this thing is full of hostile commands.. as usual for script based worms ;D

I didn't notice a "Yes, it did" or a "No, it didn't" there, Gavin. ;D Pete

Thats a yes :)

Okay, just so I'm totally clear on this (assuming that's possible about me and anything! <g>) -

Simply having WormGuard running on your computer would have prevented infection by KillAV.N even though it was brand-new, unknown and not in anyone's DB?

It would have warned on the file no matter how it came?

Got some screenshots? Pete

Haven't got screenshots sorry :P

Yes, nothing can happen with this trojan, when Wormguard is installed and protecting. Thats a sure thing unless the user unwisely allows it :) Sorry I cant go into it too far, im still carefully analysing the complex trojan/XDCC hack kit mentioned in the TDS thread.

And will be at it for a while yet ! Nasty things these are becoming >:(