Bugtraq mailing list archives
IE0199.exe uninstaller
From: dbrumley () GOJU STANFORD EDU (David Brumley)
Date: Fri, 19 Feb 1999 11:22:28 -0800
I've been searching the anti-virus sites re: this trojan, and have found very little information. So far Dr. Solomon's says they will detect it and someone told me Norton's also does. McAfee and F-prot haven't said anything. In case you don't have either of the above products, I've written an uninstaller that I think takes care of all 3 versions of the IE0199.exe trojan (well, at least in my tests). It's available for free at: http://security.stanford.edu/incidentinfo/ietrojan.html. Note it's uuencoded and pgp signed by our teams' key. Fingerprint: 4B 1A 84 3D 1E E4 6B CC 19 30 EA CB 5A B0 FF 42 The source is also available in case you want to look at it (mostly auto-generated code. This is my first windows program!) I guess I should say that Stanford doesn't endorse nor support this program in any way and is provided as is. Cheers, -david #+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+# David Brumley dbrumley () Stanford EDU Phone: +1-650-723-2911 WWW: http://www.stanford.edu/~dbrumley Fax: +1-650-725-9121 PGP: finger dbrumley-pgp () sunset Stanford EDU #+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#+--+#
Current thread:
- Website Pro v2.0 (NT) Configuration Issues, (continued)
- Website Pro v2.0 (NT) Configuration Issues Christian Antkow (Feb 16)
- [HERT] Advisory #002 Buffer overflow in lsof Anthony C . Zboralski (Feb 17)
- [SECURITY] New versions of super fixes two buffer overflows joey () FINLANDIA INFODROM NORTH DE (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Vic Abell (Feb 18)
- Tetrix 1.13.16 is Vulnerable Steven Hodges (Feb 17)
- Re: Tetrix 1.13.16 is Vulnerable Pavel Machek (Feb 19)
- ADMsnmp SNMP Audit scanner root (Feb 17)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Gene Spafford (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Theo de Raadt (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Gene Spafford (Feb 18)
- IE0199.exe uninstaller David Brumley (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Weld Pond (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Valdis.Kletnieks () VT EDU (Feb 19)
- Plaintext Password in Tractive's Remote Manager Software Trevor Gryffyn (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Peter W (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof John DiMarco (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof brian j pardy (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Greg Woods (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof route () RESENTMENT INFONEXUS COM (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Fred W. Noltie Jr. (Feb 19)
- Call to politeness (Re: [HERT] Advisory #002 Buffer overflow in alecm (Feb 19)