- Jul 11, 2001
- 40,426
- 9,941
- 136
I wasn't running NAV yet because I've been intending to reinstall everything anyway on my new system, but yesterday all my Inbox messages in my email client disappeared (Forte Agent .99)! I restored from a 3 week old backup but a couple hours later all my thousands of messages dating back 4 or 5 years disappeared again. I decided it was time to install my Norton Systemworks 2001, even if I'm just going to reinstall my OS and apps again from scratch. I'd like to know if this is being caused by a virus.
Well, I installed Systemworks, configuring everything to run manually except NAV. I did the LiveUpdate and scanned my whole system. Three infected files were found and the virus is W32.Nimda.A@mm(dll), the infamous recent nemesis Nimda virus, said to be a lot more dangerous than Code Red. Code Red didn't worry me since I wasn't running IIS (although I HAVE installed it on my Win2k Pro system). I can't imagine how I got Nimda, which is said to be propagated by running an attachment named readme.exe, which I'm sure I never ran. I guess there are other ways to get Nimda. My take on it is that I got it just browsing the Internet. Is that possible? The infected files were:
c:\admin.dll
d:\admin.dll
e:\admin.dll
NAV said the files could not be repaired. It indicated that Access to the file was denied in each case. My Win2k Pro system is configured to regard every user as the administrator and doesn't require even a login, therefore. Why would NAV be denied access? NAV recommended quarantining the files, and I did so by clicking the appropriate button in the NAV dialog.
I did a www.google.com search on Nimda and found a Symantec utility (free download) that will fix the Nimda virus problem (fixnimda.com). I ran the utility but it said the virus was in a number of places and in each case it said that the files could not be repaired and that "Access to the file was denied."
Typical file names and locations are:
C:\inetpub\scripts\TFTP1332
C:\inetpub\scripts\TFTP1436
C:\inetpub\scripts\TFTP1396
C:\inetpub\scripts\TFTP664
etc.
I have no way of knowing whether the Nimda problem is implicated in all my email Inbox messages disappearing. As I compute, messages continually pop up from NAV saying that the W32.Nimda.A@mm(dll) virus has been detected and that access to the file was denied, with an OK button. The infected file is always in the C:\inetpub\scripts directory. You click OK and then the same dialog appears saying that NAV was "Unable to repair this file." What's a guy to do? I'm lucky in that I was going to reinstall Win2k anyway, but suppose I weren't. And how can I be sure that the virus isn't hidden in my data somewhere?
Well, I installed Systemworks, configuring everything to run manually except NAV. I did the LiveUpdate and scanned my whole system. Three infected files were found and the virus is W32.Nimda.A@mm(dll), the infamous recent nemesis Nimda virus, said to be a lot more dangerous than Code Red. Code Red didn't worry me since I wasn't running IIS (although I HAVE installed it on my Win2k Pro system). I can't imagine how I got Nimda, which is said to be propagated by running an attachment named readme.exe, which I'm sure I never ran. I guess there are other ways to get Nimda. My take on it is that I got it just browsing the Internet. Is that possible? The infected files were:
c:\admin.dll
d:\admin.dll
e:\admin.dll
NAV said the files could not be repaired. It indicated that Access to the file was denied in each case. My Win2k Pro system is configured to regard every user as the administrator and doesn't require even a login, therefore. Why would NAV be denied access? NAV recommended quarantining the files, and I did so by clicking the appropriate button in the NAV dialog.
I did a www.google.com search on Nimda and found a Symantec utility (free download) that will fix the Nimda virus problem (fixnimda.com). I ran the utility but it said the virus was in a number of places and in each case it said that the files could not be repaired and that "Access to the file was denied."
Typical file names and locations are:
C:\inetpub\scripts\TFTP1332
C:\inetpub\scripts\TFTP1436
C:\inetpub\scripts\TFTP1396
C:\inetpub\scripts\TFTP664
etc.
I have no way of knowing whether the Nimda problem is implicated in all my email Inbox messages disappearing. As I compute, messages continually pop up from NAV saying that the W32.Nimda.A@mm(dll) virus has been detected and that access to the file was denied, with an OK button. The infected file is always in the C:\inetpub\scripts directory. You click OK and then the same dialog appears saying that NAV was "Unable to repair this file." What's a guy to do? I'm lucky in that I was going to reinstall Win2k anyway, but suppose I weren't. And how can I be sure that the virus isn't hidden in my data somewhere?
Facebook
Twitter