Which virus is this?

[AngelicKnight]

I just captured a virus that tried to infect my system, but there are so many out there now I can't recall which one this is. Tried searching our forums, but much to my suprise didn't find it. So tell me guys, which virus is Win32:Trojan-gen?

[MemorY]

Google Power

http://www.google.com/search?hl=en&i...=Google+Search

[AngelicKnight]

It's original name was Dc43.exe. Google search didn't turn up anything. Does the name ring a bell?

[SirDice]

Virusses drop files using various names so it's hard to tell which one it is.
How did it try to infect your system? Maybe we can figure out which one it is by the way it tried to infect you.

[owensleftfoot]

According to http://vil.nai.com/vil/content/Print99296.htm the name of the trojan is configurable by by the hacker who customises it.

[AngelicKnight]

I'm not sure how I got it, but it can only be a couple of possibilities. I haven't done much downloading over the past few days, just 1) some security tools like SpywareBlaster, etc. and 2) some old television episodes off of a website (old 80's cartoons!), so surely this must've come on the heels of the latter. Haven't been opening any e-mail attachments either.

Avast! antivirus is what detected the trojan. That particular AV has a scanner that runs anytime the screen saver is running, and it indeed when I came off of screen saver that I was notified of being infected.

[Cybr1d]

do you have any ports open? Win32:Trojan-gen is pretty much a generic name which your AV used because it does not recognize the trojan itself, but it does pick up the malware.

See if you can get us more information on its true name. As for the trojan type...it most likely is a backdoor.

[AngelicKnight]

It's real name is Dc43.exe. As for port scanning, that's something I'm trying to learn (see one of my other threads), so this'll be the ideal chance to try that out.

[Cybr1d]

go to http://www.glocksoft.com and download advanced administrative tools. Then run it and see what's running in your system. It will show u detailed info of the programs that are running and I believe it also allows you to do a portscan on yourself. You could also try languard.

[SwordFish_13]

hi
As said earlier Win32:Trojan-gen is generic name and Dc43.exe might be the infected file never heard of it. try netstat to see it it is trying to connect to some remost host or sometiond, or netstat -a to see how many ports are open.

so this'll be the ideal chance to try that out.

No i think it is not the ideal chance. Your computer might be wide open any kidde or a cracker. Studing something in a controlled environment is a different thing.it might be sending out information about Computer and your computer might be wide open to be used for illigel activities(Spamming, DoS , DDoS attacks). If you want to study Trojans i suggest you try downloading a few from the AO Security Downloads there are so many there. I think AOL Trojan would be a good one to start with it is a client/server based, but first read the readme and be sure about its behaviour and the files and registries it creates.

I think you should get rid of this as soon as possible .
Try scanning your computer with Housecall see if it finds some info
and try these Trojan Removers they should get riid of it

• Trojan Remover
• Moosoft The Cleaner

Both are shareware and free to use for a month.

--Good Luck--