Which virus is this?
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Which virus is this?

  1. #1

    Question Which virus is this?

    I just captured a virus that tried to infect my system, but there are so many out there now I can't recall which one this is. Tried searching our forums, but much to my suprise didn't find it. So tell me guys, which virus is Win32:Trojan-gen?

  2. #2

  3. #3
    It's original name was Dc43.exe. Google search didn't turn up anything. Does the name ring a bell?

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Virusses drop files using various names so it's hard to tell which one it is.
    How did it try to infect your system? Maybe we can figure out which one it is by the way it tried to infect you.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Member
    Join Date
    Dec 2001
    Posts
    87
    According to http://vil.nai.com/vil/content/Print99296.htm the name of the trojan is configurable by by the hacker who customises it.

  6. #6
    I'm not sure how I got it, but it can only be a couple of possibilities. I haven't done much downloading over the past few days, just 1) some security tools like SpywareBlaster, etc. and 2) some old television episodes off of a website (old 80's cartoons!), so surely this must've come on the heels of the latter. Haven't been opening any e-mail attachments either.

    Avast! antivirus is what detected the trojan. That particular AV has a scanner that runs anytime the screen saver is running, and it indeed when I came off of screen saver that I was notified of being infected.

  7. #7
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,836
    do you have any ports open? Win32:Trojan-gen is pretty much a generic name which your AV used because it does not recognize the trojan itself, but it does pick up the malware.

    See if you can get us more information on its true name. As for the trojan type...it most likely is a backdoor.

  8. #8
    It's real name is Dc43.exe. As for port scanning, that's something I'm trying to learn (see one of my other threads), so this'll be the ideal chance to try that out.

  9. #9
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,836
    go to http://www.glocksoft.com and download advanced administrative tools. Then run it and see what's running in your system. It will show u detailed info of the programs that are running and I believe it also allows you to do a portscan on yourself. You could also try languard.

  10. #10
    AntiOnline n00b
    Join Date
    Feb 2004
    Posts
    665
    hi
    As said earlier Win32:Trojan-gen is generic name and Dc43.exe might be the infected file never heard of it. try netstat to see it it is trying to connect to some remost host or sometiond, or netstat -a to see how many ports are open.

    so this'll be the ideal chance to try that out.
    No i think it is not the ideal chance. Your computer might be wide open any kidde or a cracker. Studing something in a controlled environment is a different thing.it might be sending out information about Computer and your computer might be wide open to be used for illigel activities(Spamming, DoS , DDoS attacks). If you want to study Trojans i suggest you try downloading a few from the AO Security Downloads there are so many there. I think AOL Trojan would be a good one to start with it is a client/server based, but first read the readme and be sure about its behaviour and the files and registries it creates.

    I think you should get rid of this as soon as possible .
    Try scanning your computer with Housecall see if it finds some info
    and try these Trojan Removers they should get riid of it

    Both are shareware and free to use for a month.

    --Good Luck--

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •