[Dshield] OT W2K/ME

Deb Hale haled at pionet.net
Wed Oct 8 20:26:34 GMT 2003


http://securityresponse.symantec.com/avcenter/venc/data/backdoor.apdoor.html

This might be another possibility.  It says that it hooks into explorer.exe
?  Never personally seen this one.

(SNIP)
Every time the system boots My Documents opens in Explorer. I've checked
HKLM\Software\Microsoft\Windows\CurrentVersion\Run and found nothing and
RunOnce found nothing. Nothing in Startup, ran msconfig and found nothing.
Prior to this problem both systems have had Norton 2003 installed and full
system scans done with up to date Defs. Both systems were found to be
infected with Backdoor.Coreflood I've also run SpyBot and cleaned up a bunch
of stuff.






More information about the list mailing list