Well...

Discussion in 'malware problems & news' started by Rico, May 14, 2010.

Thread Status:
Not open for further replies.
  1. Rico

    Hi Guys,

    Thought I'd share what just happened & hopefully gain some insight:

    I was/am using a wonderful security app called "Shadow Defender", and was in "Shadow Mode" while "Stumbling" along. Next a scanner started, saying I had many viruses & trojans. Next a file became available for me to download:

    packetupdate_build107_2045.exe

    I tried to say no to this file download & was prompted several more times to download.

    Next I rebooted my machine without a trace of this rogue security app.

    Questions o_O?

    1. Was the virus scan the scare & packetupdate...exe the real infection?

    2. Is it too late now to notify StumbleUpon?

    3. Having been in SM (shadow mode), would continuing provide ANY useful info?

    4. Is there any bad software that can get by/leak past SM?

    BTW - Avira free (updated today) was silent, so they do not have an update for this. Also I've googled packetupdate...exe with 0 results.

    5. Because the download for packetupdate...exe did not respond like a normal 'download window', wasn't just clicking on 'cancel' download the same as actually executing the malware?

    Take Care
    Rico
     
  2. CloneRanger

    Lucky you have Shadow Defender :thumb:

    Yes

    Tell them just in case

    Maybe, to send the nasty to Avira and VT for eg :D

    I think there is, can't remember what, possibly the MBR thingy and maybe the KHOBE bug, but you'd be very unlucky to get hit.

    Sometimes yes
     
  3. Rico

    Hi CloneRanger,

    Thanks for responding!

    Since my last post I've scanned with HitmanPro 3.5 - thinking because it's cloud, it would be most up to date, type program. It found no problems.

    Next - I contacted StumbleUpon.

    IMO - StumbleUpon is way too dangerous to use with anything less than virtual mode.
     
  4. twl845

    Good test for Shadow Defender. If it erased the malware, who cares what it was. I would just stay away from where I picked it up in the future. ;)
     
  5. LoneWolf

    Absolutely agree here. Same could be said with other sites too, which is why I stay in ShadowMode whenever surfing the net. Only time I need to be not in ShadowMode is for any updating.
     
  6. Rico

    So what's a 'PHP Exploit'?
     
  7. tobacco

    Rico

    If you were in shadow mode, why didn't you just go ahead and click yes and let it install?? Great way to figure out if your security software gets a :thumb: or :thumbd:
     