The virus struck again. I had this before or something like it. Last time it changed something in my registry.
This time it infected: temp.dll
Is it safe to remove it?
If you want more info tell me, (i got Windows 98 SE)
The virus struck again. I had this before or something like it. Last time it changed something in my registry.
This time it infected: temp.dll
Is it safe to remove it?
If you want more info tell me, (i got Windows 98 SE)
You can use this Link: http://www.kaspersky.com/remoteviruschk.html
and maybe then we can answer you your questions and say why it allways comes back.
well i can’t remmeber the exact name of the virus last time, but it was a trojan tho. Backdoor_Optix i think but i’m not sure of it (that’s something like thi virus)
btw, i can’t check the file coz it’s larger then 1024 kb → it’s 1.06 mb :-/
You could pack it with ZIP or RAR .
But i do not think it is Optix this time( Avast has a generic name for such Malware)
oh yeah lol, forgot about that (they even told it on the page ther, maybe it’s coz I just woke up ::))
ok i scanned it on the site: this is what came out
Current object: temp.ace
temp.ace Archive: ACE
temp.ace/temp.dll Infected: TrojanDropper.Win32.EESbinder
temp.ace/temp.dll/EXE-file Infected: Backdoor.G_Spot.20
temp.ace/temp.dll Ok
temp.ace Ok
Statistics:
Known viruses: 68460 Updated: 7.06.2003
File size (Kb): 376 Scan time: 00:00:01
Speed (Kb/sec): 376 Virus bodies: 2
Archives: 2 Packed: 0
Folders: 0 Files: 3
Suspicious: 0 Warnings: 0
I allready tried to repair the temp.dll file, but that didn’t work.
And i don’t think it’s wise to delete it coz the file was ‘hidden’.
tell me : what you think i should do?
Okay, you can search this site: http://www.virusbtn.com/resources/vgrep/vgrep.cgi?terms=Backdoor.G_Spot.20+&product=0
or this: http://www.virusbtn.com/resources/vgrep/vgrep.cgi?terms=Win32.EESbinder&product=0
and it should be safe to delete it.
You can check your PC using this site: https://grc.com/x/ne.dll?bh0bkyd2
Maybe you have some open Ports or open shares. If so you should close it.
thnx a lot m8