
Backdoor-DZM


  • Backdoor-DZM

    My McAfee is able to detect and delete this trojan, but it looks like it has opened my port and is continuously wanting to harm my PC. Is there an available tool to protect me from this attack? I will appreciate your soonest assistance. Currently I am just deleting my quarantine folder, which is growing at 81.5 KB every time McAfee deletes the detection.

    I have attached an on-scan msg from McAfee.

    Thx

  • #2
    Re: Backdoor-DZM

    What's the proper name McAfee detected the code as? Any more info on the virus by McAfee? Did you have On-access scan enabled or did it get detected when doing an On-demand scan?
    If I am honest with you I am a bit reluctant to open the attachment as it is PDF (Pretty Dangerous File).
    Caesar's cipher - 3

    ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

    SFX JNRS FC U6 MNGR



    • #3
      Re: Backdoor-DZM

      McAfee is detecting the file as (C:\Documents and Settings\Administrator\k7a4r6c4s5d2.exe)..

      The attached PDF is safe, I created it. It is a snapshot of the message I am getting.

      Hope I get help soon.

      The McAfee website just has the following:

      http://home.mcafee.com/VirusInfo/Vir...spx?key=175232
      Last edited by Thewapa; 9th July 2009, 14:17. Reason: Adding link to McAfee website



      • #4
        Re: Backdoor-DZM

        Have you tried scanning it with the various assortment of free online scanners?
        1 1 was a racehorse.
        2 2 was 1 2.
        1 1 1 1 race 1 day,
        2 2 1 1 2



        • #5
          Re: Backdoor-DZM

          Hi,

          Here is some more info on that trojan (or a variant): http://home.mcafee.com/VirusInfo/Vir...ey=175688#none.
          It looks like a brand new one. McAfee risk-assesses it as Low; make sure you use the latest DATs and Engine, and according to them that should be enough.

          Apart from Biggles77's suggestion, I would recommend isolating the machine and doing an offline scan as well with an updated AV.

          Other than that, just try a netstat -a or any port monitoring tool to check for any unusual activity.


          ....That still doesn't make it safe to open a PDF file!
          Caesar's cipher - 3

          ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

          SFX JNRS FC U6 MNGR
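
The netstat check suggested in post #5, as an added example that is not part of the original thread: it parses `netstat -ano` output (the `-n` and `-o` switches add numeric addresses and the owning PID to `-a`), flags listeners outside a baseline, and lists the remote peers of the same process. The sample output, the baseline port set and the function names are constructed assumptions.

```python
import re

# Constructed sample of Windows `netstat -ano` output (not taken from the thread).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:31337          0.0.0.0:0              LISTENING       2840
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:1067      203.0.113.45:6667      ESTABLISHED     2840
  TCP    192.168.1.20:1071      192.168.1.5:445        ESTABLISHED     4
  UDP    0.0.0.0:500            *:*                                    680
  UDP    0.0.0.0:4500           *:*                                    2840
"""

# Assumption: ports a known-clean build of this machine listens on.
BASELINE_PORTS = {135, 139, 445, 500}

# proto, local addr, local port, foreign addr, optional state (absent for UDP), PID
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s+(?:([A-Z_]+)\s+)?(\d+)\s*$")

def parse(text):
    """Yield one dict per socket row; headers and blank lines are skipped."""
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            proto, _addr, port, foreign, state, pid = m.groups()
            yield {"proto": proto, "lport": int(port), "foreign": foreign,
                   "state": state or "", "pid": int(pid)}

def suspicious(text, baseline=BASELINE_PORTS):
    """Map PID -> unexpected listeners plus that PID's established remote peers."""
    rows, report = list(parse(text)), {}
    for r in rows:
        listening = r["proto"] == "UDP" or r["state"] == "LISTENING"
        if listening and r["lport"] not in baseline:
            entry = report.setdefault(r["pid"], {"listeners": [], "remote": []})
            entry["listeners"].append((r["proto"], r["lport"]))
    for r in rows:
        if r["state"] == "ESTABLISHED" and r["pid"] in report:
            report[r["pid"]]["remote"].append(r["foreign"])
    return report

if __name__ == "__main__":
    for pid, info in sorted(suspicious(SAMPLE).items()):
        print(f"PID {pid}: listeners={info['listeners']} remote={info['remote']}")
        print(f'  identify with: tasklist /FI "PID eq {pid}"')
```

On a live machine, save the output with `netstat -ano > ports.txt` and pass the file contents to `suspicious()` in place of the sample.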
