RootsWeb: GENANZ-L Re: O/T Virus

GENANZ-L Archives

Archiver > GENANZ > 2001-11 > 1004786203

From: "John Blue" <>
Subject: Re: O/T Virus
Date: Sat, 3 Nov 2001 22:16:43 +1100
In-Reply-To: <iDLE7.18858$g8.28698@newsfeeds.bigpond.com>

> So how does one get Pegasus? > Go to: http://www.pmail.com/ The current version for windows is 3.12c, with a version 4 coming very shortly. The version 4 has been on restricted release for final testing. > I recently received (in spite of Norton installed) a > W32 HLLW Bymer virus which has affected my winnit.exe. > > Now as a complete igonramus in these matters, I quarantined said virus > and updated every bell and whistle in Norton, but it now tells me I > cannot now use winnit.exe. from windows. The following may help this is from: http://www.pchell.com/virus/wininit.shtml If you can access that page you can down an automatic cleaner from trend Micro, if not follow these instructions: This trojan virus slows down the infected computer and can disable the infected user from viewing other computers in the Network Neighborhood. The original Trojan is distributed as WININIT.EXE but other virus writers may change this filename. To Clean/Delete the Bymer trojan? The registry needs to edited to delete this Trojan Click START, RUN Type REGEDIT and hit ENTER key In the left panel, click the "+" to the left of the following: HKEY_LOCAL_MACHINE Software Microsoft Windows CurrentVersion Run In the right panel, search for any of the registry key that contains the data value of bymer.scanner = "%virus path and filename%" Where %virus path and filename% is the complete path of the Trojan. Make a note of the exact path to the virus, then close Regedit. Restart the Computer in MS-DOS Mode. Delete the file name referenced in Step 3 above Reboot the system Following the information in Steps 1 and 2, open Regedit and proceed to the Run line In the right window, highlight the registry key that loads the file and press the DELETE key. Answer YES to delete the entry. Exit the registry. Scan your system with an up-to-date antivirus program and clean any infected files I suggest you use esafe desktop: http://www.ealaddin.com/esafe/default.asp or Protector Plus http://www.protectorplus.com/ > Everything seems to be working of so what does this mean and how can I > put it right, being 90 k's from the nearest computer shop. > Go through the above procedure, install one of the above virus checkers and rescan the system. > -- > Ejay > Please contact me off list if you need further assistance. John - > > > > "John Blue" <> wrote in message > news:... > > > > > > > Hi All, > > > > > > I just wanted to apologise to anyone who had received strange Emails > > > from me, as I found I had received the Magistrate Virus, which had > > > been going through my files and Emails and sending them off > > > indiscriminately to people I have had contact with. > > > > > > I now have an update Virus protection on, after wiping it off the > > > system, it was detected again the nest day, it seems to effect quite > > > a few files. Hopefully I will not have it anymore. I don't see what > > > joy the people get from sending these. > > > > > Karen, > > > > The virus infected emails you and others have received are not > > knowingly > sent by anyone. It is > > simply that once one of this type of virus arrives on your system it > > sets > itself up to use your > > Outlook address book. > > > > Of course if you refer to the "originators or designers" of the virus > then they are straight up cyber > > terrorists of one form or another (mind you some are simply teenagers > > with > a mis-directed > > technical skill)! > > > > I have previously said this, and for the sake of those who who may not > have seen it. Microsoft is > > generally targetted by these virus developers, and Outlook versions > > tend > to have security holes > > easily targetted. > > > > For a more secure environment, I suggest changing from using "Outlook" > > to > Pegasus Mail (totally > > free), or even Eudora Mail. Of course making sure that appropriate and > reliable antivirus software > > is installed. My recommendation here is esafe! > > > > John > > - > > > Karen > > > Jerrabomberra > > > > > > ______________________________ > > > > John Blue, > > PO Box 542 > > Mawson ACT 2607 > > Australia > > email: > > > > ______________________________ John Blue, PO Box 542 Mawson ACT 2607 Australia email: Thought for the day: Life is wonderful. Without it we'd all be dead.

This thread:

Re Magistrate Virus by Gabby & Karen Hayes <>
- Re Magistrate Virus by "John Blue" <>
  - Re: O/T Virus by "ejaycee" <>
    - Re: O/T Virus by "John Blue" <>
      - Re: O/T Virus by "Jimmy John" <>
        Re: O/T Virus by "ejaycee" <>
        Re: O/T Virus by "ejaycee" <>