that is a virus or backdoor?i found it at the web servers!

Discussion in 'malware problems & news' started by rookies, Mar 19, 2004.

Thread Status:
Not open for further replies.
  1. rookies

    rookies Registered Member

    Joined:
    Mar 19, 2004
    Posts:
    6
    yesteday,i return a machine,one of my hacked. i found

    somebody had exploit it and contrl the administrator.so i

    kick him,and clean his backdoor, i found the "mdll.exe"

    i seach it found one batfile."hiddenrun.exe mdll.exe"

    what is the mdll.exe? a virus? backdoor?or anyother?


    ps:my first englist post, :p have some wrong.
     
  2. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,451
    Location:
    North Carolina, USA
    Hi rookies,

    Welcome to Wilders!!!

    HERE is one possibility, Backdoor.Sumtax.

    HTH...

    Regards,
    Kent
     
  3. rookies

    rookies Registered Member

    Joined:
    Mar 19, 2004
    Posts:
    6
    hi,you are welcome, thank for your reply.

    i check this link.the virus look like it.but they had some

    differen.i run that batfile on my computer.but

    anything was not happened.the batfile is:
    cd C:\winnt\system32\dhcp\files
    hiddenrun.exe mdll.exe
    cd C:\winnt\system32\dhcp\files\copy
    hiddenrun.exe sr.bat
    hiddenrun.exe pr.bat

    can you see it before?if you see it before,what is

    the "hiddenrun.exe"? the file look like program by VB.
     
  4. subratam

    subratam Registered Member

    Joined:
    Nov 14, 2003
    Posts:
    1,310
    Location:
    Issaquah, WA
    Hi rookies,

    Check here , dont know whether that is it.
    Please, go through the instructions given here.
    There maybe some evil and some expert will help you to get out those if any present

    good day
     
  5. rookies

    rookies Registered Member

    Joined:
    Mar 19, 2004
    Posts:
    6
    subratam
    thank you very much

    i seen the <Posting Policy>.I thank you are mistake.I am not want clean any Virus or Trojan on my computer,if I want do it,i think it's easy.I just can't see it in my country's any websites.so i want go to this Fourm to ravel whis is it.

    i see it,i think it may were mark changes by somebody.
    mdll.exe is a IRC client.It is doesn't matter to run it.

    I like this Forum.because some friend will help you at this Forum. Even you english is not good.

    I would usually come here,I want help anybody at this Forum.but it is important He must post the message which I can see to understand :D
     
  6. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    I think this is the one you are looking for:
    http://hq.mcafeeasap.com/dispVirus.asp?virus_k=100427

    Regards,

    Pieter
     
  7. rookies

    rookies Registered Member

    Joined:
    Mar 19, 2004
    Posts:
    6
    pieter thank for you reply

    are you right.i think that is it.i seach it many days.i like research a virus when it had been create.it is interesting
    to research a new virus when you found it
     
Loading...
Thread Status:
Not open for further replies.