| Ljudbojen.com https://ljudbojen.com/ |
|
| Virus https://ljudbojen.com/viewtopic.php?f=8&t=668 |
Page 1 of 1 |
| Author: | The Rocker [ 10 Apr 2003, 20:52 ] |
| Post subject: | Virus |
Har fått ett mail "info" där det står "Warning you may have a virus" och att viruset ska heta "W32/Lentin.F@mm". Jag har även fått massa mail från "postmaster@spa.se" där det står "MDaemon Warning - Virus Found". Det konstiga är att jag har kört Norton scan och det hittar inget virus. Är det nåt man ska ta på allvar? |
|
| Author: | scrotumbuffalo [ 10 Apr 2003, 21:34 ] |
| Post subject: | |
hittade den här infon: W32/Lentin.F@mm is a mass-mailing worm that arrives as an email with a randomly chosen subject and message body. The attachment will have a .bat, .pif, or .scr file extension. Possible message bodies include: Ur My Best Friend!! No Configuration is availabile Now Config madd U r so cute today #!#! True Love never ends I like U very Much!!! The worm will save a file with a random 4 character filename to the hard drive with the following text strings: iNDian sNakes pResents yAha.e iNDian hACkers, Vxers cOme & wORk wITh uS & f!@# tHE GFORCE-pAK sites by sNAkeeYes, cOBra W32/Lentin.F@mm will use its own SMTP engine to send a copy of itself to all the email addresses it has collected. It will also try to disable many antivirus packages and personal firewalls. Detection: Command Antivirus version 4.58.3 with definition files dated 06/21/02 will detect this worm. Manual Removal Instructions: Because W32/Lentin.F@mm will interfere with the launching of an .exe file, you have to copy regedit.exe to regedit.com before launching it. Be sure to make a backup of the registry before attempting to make any edits. Shutdown and restart the computer in safe mode. Run Regedit.com and modify the following key: HKEY_CLASSES_ROOT\exefile\shell\open\command This value should be changed to "%1" %* Empty the recycle bin. Shutdown and restart the computer. Empty the recycle bin again. Run CSAV and delete all infected files. http://kickass.at/pungbuffel<img src="http://www.linkoping.bonet.se/pungbuffel/scrotum.gif" border=0> |
|
| Author: | The Rocker [ 10 Apr 2003, 22:28 ] |
| Post subject: | |
<BLOCKQUOTE id=quote><font size=1 face="Verdana, Arial, Helvetica" id=quote>quote:<hr height=1 noshade id=quote> hittade den här infon: W32/Lentin.F@mm is a mass-mailing worm that arrives as an email with a randomly chosen subject and message body. The attachment will have a .bat, .pif, or .scr file extension. Possible message bodies include: Ur My Best Friend!! No Configuration is availabile Now Config madd U r so cute today #!#! True Love never ends I like U very Much!!! The worm will save a file with a random 4 character filename to the hard drive with the following text strings: iNDian sNakes pResents yAha.e iNDian hACkers, Vxers cOme & wORk wITh uS & f!@# tHE GFORCE-pAK sites by sNAkeeYes, cOBra W32/Lentin.F@mm will use its own SMTP engine to send a copy of itself to all the email addresses it has collected. It will also try to disable many antivirus packages and personal firewalls. Detection: Command Antivirus version 4.58.3 with definition files dated 06/21/02 will detect this worm. Manual Removal Instructions: Because W32/Lentin.F@mm will interfere with the launching of an .exe file, you have to copy regedit.exe to regedit.com before launching it. Be sure to make a backup of the registry before attempting to make any edits. Shutdown and restart the computer in safe mode. Run Regedit.com and modify the following key: HKEY_CLASSES_ROOT\exefile\shell\open\command This value should be changed to "%1" %* Empty the recycle bin. Shutdown and restart the computer. Empty the recycle bin again. Run CSAV and delete all infected files. http://kickass.at/pungbuffel<img src="http://www.linkoping.bonet.se/pungbuffel/scrotum.gif" border=0> <hr height=1 noshade id=quote></BLOCKQUOTE id=quote></font id=quote><font face="Verdana, Arial, Helvetica" size=2 id=quote> Tackar! Jag ska ta och kolla upp det närmare. |
|
| Author: | Dani [ 10 Apr 2003, 22:46 ] |
| Post subject: | |
Här finns ett verktyg som tar bort det. http://www.pandasoftware.com/library/W32LentinE_en.htm //Daniel |
|
| Author: | The Rocker [ 11 Apr 2003, 14:48 ] |
| Post subject: | |
<BLOCKQUOTE id=quote><font size=1 face="Verdana, Arial, Helvetica" id=quote>quote:<hr height=1 noshade id=quote> Här finns ett verktyg som tar bort det. http://www.pandasoftware.com/library/W32LentinE_en.htm //Daniel <hr height=1 noshade id=quote></BLOCKQUOTE id=quote></font id=quote><font face="Verdana, Arial, Helvetica" size=2 id=quote> Den hittar ingenting. Verkar vara nåt fejkvirus eller nåt... |
|
| Author: | bjoel [ 11 Apr 2003, 16:28 ] |
| Post subject: | |
Jag känner inte till hur just det där viruset gör, men ibland fejkar virusen avsändaradress. Detta innebär att ett virus kommit till nån person, vars virusprogram tror att du skickat det. Då skickar det varningen tillbaka till dig. Det <b>behöver</b> alltså inte vara ett virus hos dig bara för att du får såna mail. Däremot är det alltid en bra ide att ha en viruskollare igång. |
|
| Page 1 of 1 | All times are UTC + 1 hour [ DST ] |
| Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/ |
|