[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Fw: Viruses

To: <killietalk at aka_org>, <timaddis at killifish_force9.co.uk>
Subject: Fw: Viruses
From: "Carlos J P Gomes" <cjpgomes at uol_com.br>
Date: Sun, 29 Apr 2001 20:53:47 -0300
Hi Tim,

for you and all of you that, like me, had received this virus, this e-mail
from Tom was valuable and it works.

Tom, thanks for you help !!

Best wishes,

Carlos
----- Original Message -----
From: "Tom Grady" <tgrady at twcny_rr.com>
To: <killietalk at aka_org>
Sent: Thursday, April 26, 2001 9:13 PM
Subject: Re: Viruses


> Those viruses are all the same one BadTrans Virus.  For everyone's
> protection - if you are a DOS machine (Windows etc) simply do not run the
> file attached and delete the email message.  In the directory or area you
> keep your attachments make sure you use Windows Explorer and delete the
> attachment also.
>
> Here is the stuff you need to do to clean it up if the computer does
become
> infected ...
>
> This is complicated - but is necessary if your Virus Protection Program
> cannot find the virus - McAffee does not recognize it for some reason.  I
> do not know about Norton.
>
>
> Windows 95/98 users: Change the Folder View Options
>
> 1. Double-click on the My Computer icon on the desktop.
> 2. Double-click on the C: drive.
> 3. Click on the View pull-down menu then click on Options (or Folder
> Options). The Folder Options dialog box will then appear.
> 4. Click on the View tab.
> 5. Select the 'Show all files' option.
> 6. Uncheck 'Hide file extensions for known file types'.
> 7. Click the Apply button followed by the OK button.
> 8. Close the remaining open windows until you are back on the desktop.
>
> Windows ME users: Change the Folder View Options
>
> 1. Double-click on the My Computer icon on the desktop.
> 2. Double-click on the C: drive.
> 3. Click on the Tools pull-down menu and then click on Folder Options. The
> Folder Options dialog box will then appear.
> 4. Click on the View tab.
> 5. Select the 'Show hidden files and folders' option.
> 6. Uncheck 'Hide file extensions for known file types'.
> 7. Click the Apply button followed by the OK button.
> 8. Close the remaining open windows until you are back on the desktop.
>
> All users: Backup the Registry
> 1. Click on the Start button.
> 2. Click on Run.
> 3. Type in REGEDIT then click the OK button. The Registry Editor will then
> appear.
> 4. Click on the Registry pull-down menu then click on Export Registry
File.
> 5. The Export Registry File dialog box will then appear. The top of this
> dialog box contains an option entitled Save In. Make sure Desktop is
> selected for the Save In option. If it is not, click the pull-down arrow
> and select Desktop from the menu.
> 6. In the File Name field type "Backup" (without the quotation marks).
> 7. In the Export Range group box make sure All is selected.
> 8. Click on the Save button. You have now created a backup of your
registry.
> 9. Close the Registry Editor by clicking the X in the top right corner.
> NOTE: If you need to restore the registry you can double-click on the
> backup file you created and it will be restored. The backup file will be
> located on your desktop. Once you have finished these instructions and are
> certain everything is working properly it is important to delete the
> "backup" file you created. Do this by right-clicking on the Backup file on
> the desktop then left-clicking on Delete from the pop-up menu that
appears.
> This will ensure that the old registry is not accidentally restored once
> this process is complete.
>
> Edit the Registry
>
> 1. Click on the Start button.
> 2. Click on Run.
> 3. Type in REGEDIT then click the OK button. The Registry Editor will then
> appear.
> 4. On the left side of the screen double-click on HKEY_LOCAL_MACHINE.
> 5. Double-click on Software.
> 6. Double-click on Microsoft.
> 7. Double-click on Windows.
> 8. Double-click on CurrentVersion.
> 9. Single-click on the RunOnce folder so it is highlighted. You will
notice
> the right-side of the screen has a Name column and a Data column.
> 10. On the right side of the screen, single-click on the word "Kernel32"
> under the Name column so it is highlighted.
> 11. Press the Delete key on the keyboard to remove the highlighted Windows
> entry.
> 12. Close the Registry Editor by clicking the X in the top right corner.
>
> All users: Editing the WIN.INI
>
> 1. Click on the Start button.
> 2. Click on Run.
> 3. Type in WIN.INI and then click the OK button.
> 4. The C:\WINDOWS\WIN.INI window will appear.
> 5. Scroll all the way over to the right in this window and next to RUN=
> there will be this reference: c:\windows\inetd.exe.
> Remove this reference. If you do not see the reference it may be off the
> screen. Remember to scroll all the way over to the right.
> 6. Click on the X in the top right corner to close the WIN.INI window. You
> will be asked if you wish to save changes. Answer Yes.
>
> Windows 95/98 users: Delete the Virus Files
>
> 1. Click on the Start button.
> 2. Highlight Find then click on Files or Folders. The Find Files dialog
box
> will then appear.
> 3. Make sure the C: drive is selected for the Look In option.
> 4. In the Named field type in INETD.EXE then click the Find Now button.
> 5. The computer will then search for this file. When the file is found the
> file's name will be displayed towards the bottom of the dialog box.
> 6. Once the file is found right-click on the small icon that appears to
the
> left of the file's name. A pop-up menu will appear.
> 7. Left-click on Delete to remove this file.
> 8. Repeat steps 4 - 7 for the for the following file names:
> KERN32.EXE
> HKSDLL.DLL
> HKK32.EXE
> CP_23421.NLS
> 9. Once all three files have been deleted close the Find Files dialog box
> by clicking the X in the top right corner.
> 10. Empty your recycle bin by right-clicking on the Recycle Bin icon on
the
> desktop and left-clicking on Empty Recycle Bin.
> 11. Restart your computer. The trojan has now been removed.
>
> Windows ME users: Delete the Virus Files
>
> 1. Click on the Start button.
> 2. Highlight Search and then click on For Files or Folders. The Search for
> Files or Folders dialog box will then appear.
> 3. Make sure the Look in field shows the C: drive so the entire C: drive
> will be searched.
> 4. Type INETD.EXE in the Search for Files or Folders Named field and click
> the Search Now button.
> 5. Windows will then search for the file. When the file is found, it will
> be displayed on the the right-hand side of the dialog box.
> 6. Once Windows has finished searching, right-click on the small icon to
> the left of the file's name. A pop-up menu will appear.
> 7. Left-click on Delete. If you receive a prompt, answer Yes to have the
> file deleted.
> 8. Repeat steps 4 - 7 for the for the following file names:
> KERN32.EXE
> HKSDLL.DLL
> HKK32.EXE
> CP_23421.NLS
> 9. Close the Search for Files or Folders dialog box by clicking on the X
in
> the top right corner.
> 10. Empty your recycle bin by right-clicking on the Recycle Bin icon on
the
> desktop and left-clicking on Empty Recycle Bin.
> 11. Restart the computer. The trojan has now been removed.
>
>
>
>
>
>
>
>
>
>
> At Thursday 07:41 PM 4/26/01, you wrote:
> >Today I have received 3 viruses from 3 different list members. Luckily
> >none of them affect my Mac, but windows users may want to beware
> >
> >Obviously not blaming here, but I received viruses from:
> >
> >"Karl Doering" <kilikarl at bignet_net> Sent:  hamster.ZIP.scr
> >"Ernest E. May" <emay1 at wi_rr.com>  Sent:  Me_nude.AVI.pif
> >"-----Cypher-----" <cypher at cromas_net> Sent:  s3msong.MP3.pif
> >
> >All of these were addressed specifically to me, not to the list.
> >
> >The accompanying text looks as follows, and then there is an attachment
> >for the Virus
> >
> >
> > > Subject:
> > >                     Re: Re: Electronic BNL
> > >         Date:
> > >                     Thu, 26 Apr 2001 07:39:03 -0400
> > >       From:
> > >                     "Karl Doering"
> > >             To:
> > >
> > >
> > >
> > >
> > >
> > > 'Jeremy Adams' wrote:
> > > ====
> > > - > It is indeed not the general trend and I dare say few of us are
> > willing OR
> > > - > anxious
> > > - > to be stuck with a BNL that is only on the computer screen.
> > > - >
> > > - > To try to save money by removing a service sounds more like
> > Wallstreet and
> > > - > less
> > > - > like a club of hobbyists.
> > > - >
> > > - I don't think this has been suggested? I think what has been
suggested
> > > - is to give people the choice of paper or electronic. The people who
do
> > > - it electronically would save the AKA money. Th ...'
> > >
> > >
> > > > Take a look to the attachment.
> > >
> > >
> > >
> >
> >Jeremy
> >
> >--
> >
> >
> >
> >~~~~~~~~~~~~~My Life Story~~~~~~~~~~~~~~~~
> >Jeremy Adams - Corvallis, Oregon  USA
> >Killifish-Frogs-Toads-Aquatic Plants-Fish Ponds
> >Bombina orientalis web page:
> ><http://members.home.net/killifish/bombina.html>
> >Loyal Macintosh user since 1988
> >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >
> >
> >---------------
> >See http://www.aka.org/AKA/subkillietalk.html to unsubscribe
>
> ---------------
> See http://www.aka.org/AKA/subkillietalk.html to unsubscribe
>
>

---------------
See http://www.aka.org/AKA/subkillietalk.html to unsubscribe
Prev by Date: Re: Aphyosemion australe (orange) or scheeli
Next by Date: Re: Virus
Prev by thread: Ep. lamottei
Next by thread: Re: KillieTalk Digest V3 #1177
Index(es):
- Date
- Thread