Win32:Trojan-gen

The virus struck again. I had this before or something like it. Last time it changed something in my registry.

This time it infected: temp.dll

Is it safe to remove it?

If you want more info tell me, (i got Windows 98 SE)

You can use this Link: http://www.kaspersky.com/remoteviruschk.html
and maybe then we can answer you your questions and say why it allways comes back.

well i can’t remmeber the exact name of the virus last time, but it was a trojan tho. Backdoor_Optix i think but i’m not sure of it (that’s something like thi virus)

btw, i can’t check the file coz it’s larger then 1024 kb → it’s 1.06 mb :-/

You could pack it with ZIP or RAR .:wink:

But i do not think it is Optix this time( Avast has a generic name for such Malware)

oh yeah lol, forgot about that (they even told it on the page ther, maybe it’s coz I just woke up :slight_smile: ::))

ok i scanned it on the site: this is what came out

Current object: temp.ace

temp.ace Archive: ACE
temp.ace/temp.dll Infected: TrojanDropper.Win32.EESbinder
temp.ace/temp.dll/EXE-file Infected: Backdoor.G_Spot.20
temp.ace/temp.dll Ok
temp.ace Ok

Statistics:


Known viruses: 68460 Updated: 7.06.2003
File size (Kb): 376 Scan time: 00:00:01
Speed (Kb/sec): 376 Virus bodies: 2
Archives: 2 Packed: 0
Folders: 0 Files: 3
Suspicious: 0 Warnings: 0

I allready tried to repair the temp.dll file, but that didn’t work.

And i don’t think it’s wise to delete it coz the file was ‘hidden’.

tell me : what you think i should do?

Okay, you can search this site: http://www.virusbtn.com/resources/vgrep/vgrep.cgi?terms=Backdoor.G_Spot.20+&product=0
or this: http://www.virusbtn.com/resources/vgrep/vgrep.cgi?terms=Win32.EESbinder&product=0
and it should be safe to delete it.

You can check your PC using this site: https://grc.com/x/ne.dll?bh0bkyd2
Maybe you have some open Ports or open shares. If so you should close it.

thnx a lot m8 :smiley: