Revop C and spywareguard

Discussion in 'SpywareBlaster & Other Forum' started by donlon, Apr 12, 2004.

Thread Status:
Not open for further replies.
  1. donlon

    donlon Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    31
    Hi

    I just survived a Win32/trojan downloader vb.ca, a "revop C" bastard :)

    Nod32 did discover it and popped up with a warning, but it found it in my memory and couldn't delete it, so I have to do it manually (shut it down in tasklist and then NOD it )

    It copied itself to my HD as my Windows mediaplayer exe (wmplayer.exe), and deleted/renamed the original file, so when activated it tried to download something.

    It was a little difficult to locate the file that set NOD32 off, because NOD32 did not see anything wrong with the wmplayer.exe.

    I got this little fu**er, from a website (I got the URL, if anybody want to take a look at it) and my Q is, if i had installed SpyWareGuard would it had caught it before it could infect my Computer o_O?
     
  2. donlon

    donlon Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    31
    A little update

    I installed Spywareguard and HTAStop (Just in case) and went back to the website and guess what ...... I got the bastard right back.

    So Spywareguard got uninstalled again, if it can't stop that kind of sh** there is no point in have it running and "eat" up my RAM ... ;)

    PS. I thought that HTAStop was designed to prevent this kind of spyware
     
  3. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Thanks for the heads up.

    That's enterily up to you no doubt. Just curious: will you do the same in case your software firewall is bypassed, your Antivirus updated 1 minute too late or your Antitrojan? :)

    Anyway, please email me the URL in question (my addy is in my profile), so we can have a look at it, for the benefit of all.

    That's a different story - and off topic in this forum. Better contact the software developers from HTAStop on that one.

    regards.

    paul
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.