DDoS.RAT.rBot

Discussion in 'Trojan Defence Suite' started by HJThis1, Jun 23, 2005.

Thread Status:
Not open for further replies.
  1. HJThis1

    HJThis1 Registered Member

    Joined:
    Jun 23, 2005
    Posts:
    2
    Hello to all,

    I hope someone here can help me with a problem
    I am having with TDS. The last 3 times I have updated,
    I get this here but with different file names.

    File Trace: Default trojan filename: DDoS.RAT.rBot
    File: C:\WINDOWS\System32\systeminfo.exe
    ^
    this time it's |

    Thank you

    HGD ;)
     
  2. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Hi,

    False alarm, you can ignore this.
    Seems the bad guys are getting sneakier all the time - now content to OVERWRITE a legit Windows file like this, just to get their nasty on a machine.

    I have removed the detection, will update soon.
     
  3. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    Thank goodness they are all FP's as I am getting a bit paranoid now I had these detections :'( almost to the point I didn't want to load TDS to see another alert like this :'( :'(
     
  4. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    All I want to know is why the trace didn't come up on my test setup.. might be due to XP SP1, might not.. will have to run a couple of tests each day now instead. Sorry for any inconvenience, expect no more of these anymore ;)
     
  5. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    Thanks Gavin as it is one huge worry for me, even though I 'know' they are FP's they have me scanning my computer inside out :oops: Hopefully today I wouldn't see any Rats :eek: ;)
     
  6. AAP2

    AAP2 Guest

    Hello, Gavin

    Sorry about the name, it was me who had asked this,
    but I'd just like to say thank you, all is great.

    HGD:)
     
  7. AAP2

    AAP2 Guest

    Hey, Gavin

    Good god, it was I who had asked this

    HGD:)
     