Virus found in TDS xDynamic folder

Discussion in 'Trojan Defence Suite' started by richardw2, Mar 16, 2005.

Thread Status:
Not open for further replies.
  1. richardw2

    richardw2 Guest

    Installed TDS only within the last few days.

    This morning I got a message from my Norton AntiVirus Auto-Protect service that the Hacktool.Nuker virus had been automatically deleted from:

    C:\TDS\xDynamic\TDS.Unpk\Haktek.exe

    Question is what is the purpose of the xDynamic\TDS.Unpk folder in the TDS installation folder and is the Haktek.exe file a virus or not. If not, what is the purpose of this file and does it matter that Norton AV has deleted it?

    Thanks in advance
     
  2. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hello and welcome to the forum.
    That Unpak folder is where compressed archives are unpacked and scanned, in most cases deleted afterwards. If not you can delete the copies there manually.
    It means elsewhere on your system is the original of that nasty.
    If you scan with TDS make sure your other scanners are all closed including their resident protection to give TDS full access to all files.
    TDS doesn't need to be closed during scans with other scanners only don't have it scanning at the same time.
    I may expect TDS alarmed on that file after the scan with TDS?
     
  3. richardw2

    richardw2 Guest

    Thanks for the prompt reply

    I have now done a TDS full system scan (with Norton AV Auto-Protect disabled) and it showed the following alarm:

    Trojan Client\EditServer found (in archive): HakTek 1.1 (Utility)
    File: haktek.exe

    I have another question: What is the difference between the above alarm and the Positive Identification alarm when a Trojan is found, as shown in the TDS Help file? In other words, is the "Trojan Client\EditServer" shown in the above alarm an actual trojan or not?

    Thanks
     
  4. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
    client/edit server is a tool used to create trojan servers to infect victims

    and to connectto their pc's once they're infected to steal data etc
     
Thread Status:
Not open for further replies.