Security Basics mailing list archives
RE: Question for all
From: "Ramsinghani, Aashish (EM, GECIS)" <Aashish.Ramsinghani () geind ge com>
Date: Tue, 5 Aug 2003 07:55:53 -0400
You can also download Msconfig.exe for XP and run it on Windows 2000.. -----Original Message----- From: Bob Walker [mailto:bobwalker8 () comcast net] Sent: Monday, August 04, 2003 10:24 AM To: 'KoRe MeLtDoWn'; Jeffrey.Flory2 () LACKLAND AF MIL; security-basics () securityfocus com; incidents () securityfocus com Subject: RE: Question for all Hamish While I am a huge fan of the msconfig utility in windows machines, it doesn't work in win2k. Doesn't even exist. My advice would be to go the safe mode route, as you suggested. Another possible avenue (for advanced users only though), would be to go to administrative tools, computer management, and remove the offending service there. Bob -----Original Message----- From: KoRe MeLtDoWn [mailto:koremeltdown () hotmail com] Sent: Friday, August 01, 2003 2:44 PM To: Jeffrey.Flory2 () LACKLAND AF MIL; security-basics () securityfocus com; incidents () securityfocus com Subject: Re: Question for all Hi there Jeffery, Backdoor.Trojan is a generec term used by norton to identify any trojan or suspected trojan that does not have specific information on their dat database, but contains trojan-like signatures. Have you tried booting into safe mode and removing the trojan? Also, try clicking your start button, then run and type msconfig. Take the trojan out of the "bootup/Startup (one of the two)" tab. The reason you delete it in safemode is because windows only starts essential services while in safe mode - it will not start your trojan horse unless it is REALLY smart, which im sure it isn't... Give that a go, and good luck, Hamish Stanaway Absolute Web Hosting / -= KoRe WoRkS =- Internet Security Owner/Operator Auckland New Zealand http://www.webhosting.net.nz http://www.buywebhosting.co.nz http://www.koreworks.com
From: Flory D Jeffrey Contractor 59MDSS/MSISI <Jeffrey.Flory2 () LACKLAND AF MIL> To: security-basics () securityfocus com, incidents () securityfocus com CC: Flory D Jeffrey Contractor 59MDSS/MSISI <Jeffrey.Flory2 () LACKLAND AF MIL> Subject: Question for all Date: Fri, 1 Aug 2003 09:22:51 -0500 MIME-Version: 1.0 Received: from outgoing2.securityfocus.com ([205.206.231.26]) by mc6-f29.law1.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Fri, 1
Aug
2003 12:10:42 -0700 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])by outgoing2.securityfocus.com (Postfix) with QMQPid 831E58F610; Fri, 1 Aug 2003 10:14:53 -0600 (MDT) Received: (qmail 32077 invoked from network); 1 Aug 2003 14:43:40 -0000 X-Message-Info: JGTYoYF78jEHjJx36Oi8+YDSEg8qKPPD Mailing-List: contact security-basics-help () securityfocus com; run by
ezmlm
Precedence: bulk List-Id: <security-basics.list-id.securityfocus.com> List-Post: <mailto:security-basics () securityfocus com> List-Help: <mailto:security-basics-help () securityfocus com> List-Unsubscribe:
<mailto:security-basics-unsubscribe () securityfocus com>
List-Subscribe: <mailto:security-basics-subscribe () securityfocus com> Delivered-To: mailing list security-basics () securityfocus com Delivered-To: moderator for security-basics () securityfocus com Message-ID:
<588C513CC306D611A2910003479604F9077FFFA2 () fsmpls17 whmc af mil>
X-Mailer: Internet Mail Service (5.5.2653.19) Return-Path: security-basics-return-21921-koremeltdown=hotmail.com () securityfocus com X-OriginalArrivalTime: 01 Aug 2003 19:10:42.0163 (UTC) FILETIME=[9A144430:01C35860] A friend of mine recently went from Windows ME to Win2K, but now he has
a trojan on his computer. He is running Norton Anti-virus, and it will
not clean it off, it will only quarentine it. The affliction is: Backdoor.Trojan, and it has placed a hidden folder on his hard drive called: Payload.Dat. He cannot get ride of it. We have tried doing a search on the internet for some kind of information pertaining to this, but we had no luck. We also tried all the antiviral websites but they do not have a
tool
for this. My question is: Has anyone ever heard of this, and if so, how do you clean it off. Thanks in advance for any assistance, anyone can provide. Jeff ----------------------------------------------------------------------- ---- -----------------------------------------------------------------------
-----
_________________________________________________________________ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Question for all, (continued)
- RE: Question for all Jason Armstrong (Aug 01)
- RE: Question for all McCleskey, David (Aug 01)
- Re: Question for all KoRe MeLtDoWn (Aug 01)
- RE: Question for all Bob Walker (Aug 04)
- RE: Question for all Glenn Pearl (Aug 04)
- RE: Question for all Bob Walker (Aug 04)
- Re: Question for all Chris Berry (Aug 01)
- Re: Question for all Brad Mills (Aug 04)
- RE: Question for all George Peek (Aug 04)
- RE: Question for all Chris Berry (Aug 04)
- Re: Question for all Ansgar Wiechers (Aug 06)
- RE: Question for all Ramsinghani, Aashish (EM, GECIS) (Aug 06)
- RE: Question for all Ricardo Ceballos (Aug 06)