[thelist] trojan

Vic Wooten vicwooten at eaglewebservices.com
Fri Feb 1 08:13:01 CST 2002


Janet,

----- Original Message -----
From: "Janet FitzGerald" <waxplanet at sunflower.com>
To: <thelist at lists.evolt.org>
Sent: Thursday, January 31, 2002 2:14 PM
Subject: [thelist] trojan


> Hello Everyone,
>
> Does anyone have experience getting rid of a trojan backdoor virus?

I clean machines on a regular basis at the computer shop I work in. I can
give you some helpful hints, but without knowing exactly what worm you have,
I can't give you anything specific. Some are relatively easy....a piece of
cake. Some are extremely difficult, and challenging to say the least. With
some of the most recent lovelies, you can download free tools from Symantec
that will do "most" of the work for you. You may find it necessary to edit
the registery, and delete certain corrupt Windows system files. You will
have to unpack those files and replace them from your Windows CD.

One of the tools (free) that I use in the shop is F-Secures free dos
scanner, F-Prot. It doesn't always help me remove the virus/worm, but in
most cases, it will positively identify the worm. You have to know exactly
what it is you're dealing with!

You can download the tool here...

ftp://ftp.f-secure.com/anti-virus/free/

Make a folder, and download fp-311a.zip, fp-def.zip, and macrodef2.zip, and
unzip them in the folder you've created. The fp-311a.zip file is the main
program. When you unpack the other two, you will be prompted about replacing
certain files. Replace them. They are updates to the original defs. Reboot
your machine to dos, and CD to the folder you unpacked the files in. Type
f-prot to run it. Use the "Tab" key to navigate the menu. Set the file
scanning to "Dumb scan all files", and set to "Disinfect/Query". Let me know
what you find.

BTW, I've already seen a couple of REs making reference to McAfee Virusscan.
I don't recommend it for several reasons.

HTH

Vic

> Janet




More information about the thelist mailing list