Security Basics mailing list archives
Re: Question for all
From: "Morton B. Maser" <MBMaser () msn com>
Date: Tue, 5 Aug 2003 02:57:58 -0700
Haven't heard of it specifically by that name - you might check http://www.diamondcs.com.au (TDS-3 anti-trojan scanner) or http://www.nsclean.com (BOClean anti-trojan). Have you done a scan for alternate data streams? Could be hidden that way. Obviously, if you can identify the trojan or its code (Hackman is always useful for stuff like that), you may be able to just use the local loop (127.0.0.1) to send its "kill" command.

----- Original Message -----
From: "Flory D Jeffrey Contractor 59MDSS/MSISI" <Jeffrey.Flory2 () LACKLAND AF MIL>
To: <security-basics () securityfocus com>; <incidents () securityfocus com>
Cc: "Flory D Jeffrey Contractor 59MDSS/MSISI" <Jeffrey.Flory2 () LACKLAND AF MIL>
Sent: Friday, August 01, 2003 7:22 AM
Subject: Question for all
A friend of mine recently went from Windows ME to Win2K, but now he has a trojan on his computer. He is running Norton Anti-virus, and it will not clean it off, it will only quarantine it. The affliction is: Backdoor.Trojan, and it has placed a hidden folder on his hard drive called: Payload.Dat. He cannot get rid of it. We have tried doing a search on the internet for some kind of information pertaining to this, but we had no luck. We also tried all the antiviral websites but they do not have a tool for this.

My question is: Has anyone ever heard of this, and if so, how do you clean it off?

Thanks in advance for any assistance anyone can provide.

Jeff