www.wilderssecurity.com index.php infected with VBS/TrojanDropper.Bomgen.G trojan?
Devinco
September 15th, 2005, 03:21 PM
I couldn't access Wilders today for hours; now is the first time I don't get an IMON warning.
No matter where I would link into www.wilderssecurity.com IMON would alert:
Threat detected.
http://www.wilderssecurity.com/
probably a variant of VBS/TrojanDropper.Bomgen.G trojan
Did anybody else get that warning?
I still got warning after updating to current sigs 1.1218 (20050915).
I submitted the file to ESET. No response yet.
I scanned it with TDS-3, but it came up clean.
What do you think it is/was?
Thanks
ronjor
September 15th, 2005, 03:24 PM
Are you running any other realtime security scanners?
Devinco
September 15th, 2005, 03:43 PM
Hi Ronjor,
Just the Spybot teatimer and Spyware Guard.
ronjor
September 15th, 2005, 03:48 PM
Hi Devinco :)
I was curious to know because I had no warnings on Wilders with the latest NOD update and I have no other realtime scanners running.
flyrfan111
September 15th, 2005, 04:10 PM
No probs here either.
Devinco
September 15th, 2005, 04:12 PM
Ronjor,
I'm glad you are still here!
I'm curious about it too. Not being able to access Wilder's caused me much grief! ;D
I did submit it. I then took it out of the NOD32 quarantine so I could scan it with TDS-3. It showed clean. Scanned the index.php locally on my machine (outside of quarantine) with NOD32 again and the warning came up again.
I never executed the index.php file. I then deleted it because I don't like to take chances.
It is no longer in quarantine. I don't have a good unerase program, just the old useless Norton Unerase Wizard that couldn't recover it anyway.
Can you recommend a good unerase program (not forensic quality, just something simple)?
Do you think I should try to recover the deleted index.php and try to submit it somewhere?
Thanks
ronjor
September 15th, 2005, 04:19 PM
Thanks.
If you submitted it, I'm sure they will look at the file. It may have been a conflict between scanners.
Eraser (http://www.heidi.ie/eraser/)
Devinco
September 15th, 2005, 04:28 PM
Thanks Ronjor!
I've been wanting to try that one for some time.
But Eraser doesn't appear to have an unerase / undelete function, does it?
ronjor
September 15th, 2005, 04:30 PM
I'm sorry. I was thinking delete. :D
Free Undelete (http://www.officerecovery.com/freeundelete/)
Devinco
September 15th, 2005, 05:11 PM
Thanks again Ronjor!
Nice program.
I guess the mysterious index.php is really gone. It couldn't recover the file. I guess other data must have overwritten the area in the meantime.
Well at least ESET has it.
If ESET gets back to me, I'll update this thread.
The Hammer
September 15th, 2005, 05:27 PM
Quote (Devinco): "Can you recommend a good unerase program (not forensic quality, just something simple)?"
Restoration (http://www.snapfiles.com/get/restoration.html)
Devinco
September 15th, 2005, 05:32 PM
Thanks The Hammer.
Next time I won't be so quick to delete it!
As long as it doesn't execute or cause a buffer overflow by opening the file with a program, it should be safe.
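Before deleting a quarantined page file like the one discussed above, a practitioner would normally record its hashes and look at what script content it carries, so it can be submitted or matched later even if the file is lost. The script below is an added example, not code from the original thread or from ESET; it triages a saved HTML/PHP page purely as bytes (nothing is opened in a browser or executed), computes MD5/SHA-1/SHA-256 for submission, counts `<script>` blocks, and flags VBScript indicators with simple regular expressions. The sample page it runs on is constructed for the example and is not the real Wilders index.php; the indicator patterns are a heuristic, not ESET's detection logic.

```python
import hashlib
import re
import json
import sys

# Constructed sample standing in for a saved index.php: a small HTML page
# with an inline VBScript block. This is NOT the real Wilders page.
SAMPLE_HTML = b"""<html><head><title>Example</title>
<script language="VBScript">
Set fso = CreateObject("Scripting.FileSystemObject")
</script>
</head><body><p>hello</p></body></html>
"""

# Heuristic indicators of VBScript that a browser (IE of that era) would run.
# They are assumptions for this example, not a vendor signature.
VBS_PATTERNS = [
    re.compile(rb'<script[^>]*(language|type)\s*=\s*["\']?(vbscript|text/vbscript)', re.I),
    re.compile(rb'CreateObject\s*\(', re.I),
    re.compile(rb'\.vbs\b', re.I),
]


def file_hashes(data):
    """Digests to record before the file is deleted or sent to a vendor."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def script_blocks(data):
    """All <script>...</script> regions, found as raw bytes (never executed)."""
    return re.findall(rb'<script\b[^>]*>.*?</script>', data, re.I | re.S)


def vbs_indicators(data):
    """First match of each VBScript indicator pattern, as text, for the report."""
    hits = []
    for pat in VBS_PATTERNS:
        m = pat.search(data)
        if m:
            hits.append(m.group(0).decode("latin-1"))
    return hits


def triage(data):
    """Summary a user could paste into a vendor submission or a forum post."""
    return {
        "size": len(data),
        "hashes": file_hashes(data),
        "script_blocks": len(script_blocks(data)),
        "indicators": vbs_indicators(data),
    }


def triage_file(path):
    # Read as bytes so no parser or interpreter ever touches the content.
    with open(path, "rb") as f:
        return triage(f.read())


if __name__ == "__main__":
    # Usage: python triage.py saved_index.php   (falls back to the sample)
    if len(sys.argv) > 1:
        report = triage_file(sys.argv[1])
    else:
        report = triage(SAMPLE_HTML)
    print(json.dumps(report, indent=2))
```

Keeping the hashes is the part that matters most: a hash lets a vendor or another scanner confirm whether they have seen the same file, which is exactly what is lost once the file is deleted and cannot be undeleted.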
jayt
September 15th, 2005, 08:03 PM
Don't know if this is pertinent or not, but for a period of time early this morning (1 or 2 a.m.) Wilders Security Forums was not able to be accessed by me. Later it was not a problem. I thought perhaps the server was down?
Copyright ©2002 - 2012, Wilders Security Forums