RE: Trojan Attack - Eliminated
From: Bob (banjoluke_at_adelphia.net)
Date: 10/17/03
- Next message: Bruce Chambers: "Re: Spyware"
- Previous message: Steven L Umbach: "Re: Overriding Active Directory Group Policy."
- In reply to: Bob: "RE: Trojan Attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 16 Oct 2003 18:26:04 -0700
I just got rid of the Trojan Horse (backdoor.sinit). Symantec's website gave me instructions http://securityresponse.symantec.com/avcenter/venc/data/backdoor.sinit.html . I had to try it several times but I think that I have it gone now. The trick seems to be that you need to catch the 'svcinit.exe' file located in C:\windows\system32 before it lauches. I opened Norton AV and scanned the svcinit.exe file. Of course it told me that the file was infected. I quaratined the file, then deleted it from the system. There were some registry changes from the website that had to be made. I re-booted and searched for the svcinit.exe file and could not find it. Good Luck!!
- Next message: Bruce Chambers: "Re: Spyware"
- Previous message: Steven L Umbach: "Re: Overriding Active Directory Group Policy."
- In reply to: Bob: "RE: Trojan Attack"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
