mooseboy84
February 2nd, 2005, 01:07 AM
i do not think your software does. mind you i am using an evaluation copy demo i downloaded from the site, but i found something Very suspicious that TDS-3 did not detect.
ill first give a bit of a background. i leave my comp on 24/7, so about a week ago i come to my computer and it says. "nortons has encounted a problem and needs to be uninstalled". so then i go to uninstall nortons, and thus begins my problems. nortons wouldnt uninstall correctly. so then i go to manually delete the registry keys it made... but i discover i cant use regedit, because "registry editing has been disabled by administrator". i have been using this system since novemeber when i reformated, but i couldnt recall using regedit since then.
when i saw that message, i Instantly thought of a virus. i had read on this forum about operation guard, or some viruses shutting down anti virus software.
i looked at my Task Manager, and the Only thing that looked out of place was something called Spoolwp.exe. i have been trying to find info on it using google, but nothing came up. i got very suspicious about the file because it would be using 30mb or so of memory, which is HIGH for something i couldnt find anything about on google.
so to make a Loong story short. a few days ago i ran a Full system scan with tsd3 and nothing came up. i got a VBS script that same day, and Unlocked my registry.
this evening since ive had some time, i decided to search through my registry for SPOOLWP.EXE to see what i could find. well as it turns out, i found several times and under something called TORVIL. that sounded strange so i searched google and it was a WORM. oddly enough, this is one of the first things that comes up about it.
http://vic.zonelabs.com/tmpl/body/CA/virusDetails.jsp?VId=37367
i tried to delete the spoolwp.exe file by changing the name. now when i startup something pops up saying windows could not locate spoolwp.exe when i restart. anyway, here is the key.
so does TDS-3 detect the TORVIL worm? ???
ill first give a bit of a background. i leave my comp on 24/7, so about a week ago i come to my computer and it says. "nortons has encounted a problem and needs to be uninstalled". so then i go to uninstall nortons, and thus begins my problems. nortons wouldnt uninstall correctly. so then i go to manually delete the registry keys it made... but i discover i cant use regedit, because "registry editing has been disabled by administrator". i have been using this system since novemeber when i reformated, but i couldnt recall using regedit since then.
when i saw that message, i Instantly thought of a virus. i had read on this forum about operation guard, or some viruses shutting down anti virus software.
i looked at my Task Manager, and the Only thing that looked out of place was something called Spoolwp.exe. i have been trying to find info on it using google, but nothing came up. i got very suspicious about the file because it would be using 30mb or so of memory, which is HIGH for something i couldnt find anything about on google.
so to make a Loong story short. a few days ago i ran a Full system scan with tsd3 and nothing came up. i got a VBS script that same day, and Unlocked my registry.
this evening since ive had some time, i decided to search through my registry for SPOOLWP.EXE to see what i could find. well as it turns out, i found several times and under something called TORVIL. that sounded strange so i searched google and it was a WORM. oddly enough, this is one of the first things that comes up about it.
http://vic.zonelabs.com/tmpl/body/CA/virusDetails.jsp?VId=37367
i tried to delete the spoolwp.exe file by changing the name. now when i startup something pops up saying windows could not locate spoolwp.exe when i restart. anyway, here is the key.
so does TDS-3 detect the TORVIL worm? ???