F-Forceftp://ftp.f-secure.com/anti-virus/tools/f-force.ziphttp://www.f-secure.com/tools/f-force.zip
Signatures for F-Forcehttp://download.f-secure.com/latest/latest.zipftp://ftp.f-secure.com/anti-virus/updates/latest/latest.zip
F-Force is a free malware disinfection utility created by F-SecureCorporation.
The F-Force utility disinfects computers infected with known variants ofthe following malware:
Agobot (Backdoor.Win32.Agobot) Aimbot (Backdoor.Win32.Aimbot) Bagle (Email-Worm.Win32.Bagle, except .N, .O, .P, .Q, .R variants) Bozori (Net-Worm.Win32.Bozori) Codbot (Backdoor.Win32.Codbot) Dumaru (Email-Worm.Win32.Dumaru) Fanbot (Backdoor.Win32.Fanbot) Feebs (Worm.Win32.Feebs) Forbot (Backdoor.Win32.Forbot) IRCBot (Backdoor.Win32.IRCBot) Mitglieder (Trojan-Proxy.Win32.Mitglieder or Trojan-Spy.Win32.Mitglieder) Mydoom (Email-Worm.Win32.Mydoom) Mytob (Net-Worm.Win32.Mytob) Netsky (Email-Worm.Win32.NetSky) Padobot (Net-Worm.Win32.Padobot) Poebot (Backdoor.Win32.Poebot) Rbot (Backdoor.Win32.Rbot) SDBot (Backdoor.Win32.SdBot) Spybot (P2P-Worm.Win32.SpyBot) Wootbot (Backdoor.Win32.Wootbot) Zafi (Email-Worm.Win32.Zafi)
Also the utility can remove the following malware:
VB.bi (Email-Worm.Win32.VB.bi) Nyxem.e (Email-Worm.Win32.Nyxem.e)
In addition the F-Force utility detects EICAR test file.
The F-Force utility might be able disinfect computers that are infectedwith new variants of these backdoors and worms, however disinfection willonly work if these variants are detected generically by AVP engine.
The F-Force utility disinfects Windows HOSTS file by removing entries thatwere added by malware. In addition the utility automatically restores thedefault EXE file startup string in case it was modified by malware.
The F-Force utility creates a log file named F-FORCE.LOG in the rootWindows directory (usually C:\WINDOWS). The log file is appended everytime the F-Force utility is run.