Security Incidents mailing list archives
Re: While we're on viruses....
From: gm_ () TELKOM NET (gM)
Date: Thu, 18 May 2000 21:12:27 -0400
well, the thing is with subseven is that it's pretty much completely customizable, you can set whether it loads in various places like win.ini, system.ini, and the registry, my suggestion is to check the win.ini for things like load=filename.exe should be either at the top or bottom, then in the system.ini look for shell=explorer.exe; filename.exe then delete the ending because shell=explorer.exe is needed, also for the registry, it might be long and tedious but it gets the job done, just search the registry for shell= and look for anthing suspicious then delete them, should work
Current thread:
- Re: While we're on viruses.... gM (May 18)