[thelist] trojan

[David Greig]

Janet wrote:

>>Does anyone have experience getting rid of a trojan backdoor virus?

Hi Janet/All

A lot of virii/trojans normally put an entry in the registry to restart
themselves after a reboot.  Whenever I think something's screwy, I have a
look in
HKeyLocalMachine\Software\Microsoft\Windows\CurrentVersion\Run[Once|Services
|ServicesOnce] for anything out of the ordinary.

Any one of these keys can be used, so it helps to check em all.  Of course,
these keys are used by Windows already, so only delete anything obviously
wrong - this won't necessarily fix it altogether, but works well for a lot
of Trojans, and is a good way to tell whether you need to upgrade your
definitions!

This isn't a replacement for good AV software, but if you are a little out
of date with your definitions/don't have an AV program, it can help.

Oh, and...*BE VERY CAREFUL WHEN EDITING THE REGISTRY!*

Later all
dave