Just got the Nimda virus, help!! What to do?

MiniThug

Golden Member
Sep 10, 2000
1,057
0
0
Earlier I posted this thread in General Hardware which was obviously the wrong forum so I'm now posting here. Here is a link to the locked thread so I won't have to repeat everything that was said. Your help is appreciated. Thanks!!!
 

MiniThug

See I used the removal tool and it could not find the virus and Norton can no longer find it either but about 20 min ago Norton gave me several alerts that some of my files had been infected. I'm confused as to why they can no longer find the virus? I didn't think it could just disappear.
 

Hossenfeffer

Diamond Member
Jul 16, 2000
7,462
1
0
You've run the removal tool since you got the warning 20 minutes ago?

Did you quarantine the files? Delete them? Name them "Sluggo"?
 

MiniThug

nope, here check this out.

Norton popped up an alert that said:

Date: 10/7/2001, Time: 14:23:12, IUSR_CHASE on CHASE
The file
C:\inetpub\scripts\TFTP2456
is infected with the W32.Nimda.A@mm (dll) virus.
Unable to repair this file.

I got several of these pop up messages, about 20 of them. Scared me badly. I posted in the other thread what went on and someone suggested the clean utility. I ran it and it found nothing. I also ran a Norton Antivirus scan and it found nothing. I'm very confused about it.

 

sohcrates

Diamond Member
Sep 19, 2000
7,949
0
0
i work for a computer support service at my college where we get nimda / sircam / code red all the time. our official stance for nimda is that a re-format and re-install is necessary because of the possibility of trojans being hidden on your system which CANNOT be removed with normal virus tools.

not saying you need to, but just saying that's my official way to be safe with nimda.
 

Kelvrick

Lifer
Feb 14, 2001
18,422
5
81


<< i work for a computer support service at my college where we get nimda / sircam / code red all the time. our official stance for nimda is that a re-format and re-install is necessary because of the possibility of trojans being hidden on your system which CANNOT be removed with normal virus tools.

not saying you need to, but just saying that's my official way to be safe with nimda.
>>



Which school do you go to? A girl on the first floor of my dorm room got a call. They told her that if she didn't remove it within 72 hours, they'll cut her account. The fool then said he wasn't good with computers but she could ask him anything. I spent a day fixing her Nimda. Like 90% done and I find code red II in her comp too. Win2k, explorer.exe has been corrupted. I can't fall back on dos. I tried safe mode, even the one where you get a command prompt. I told her a format will be needed. Then, I just thought of something. I could install boot magic and install 98, then move a good explorer.exe file from my comp to hers.

Think that'll fix it? I might go through with the format anyways.
 

Hossenfeffer

Assuming you've got the most up-to-date virus defs, you could boot from your anti-virus cd-rom and scan from there. Could delete the directory with the infected scripts. Could throw a brick at your computer... The list is endless ;)
 

MiniThug

If you just delete the directory with the infected scripts will you be okay? I thought it spread throughout the computer and hid itself in places.
 

sohcrates



<<

<< i work for a computer support service at my college where we get nimda / sircam / code red all the time. our official stance for nimda is that a re-format and re-install is necessary because of the possibility of trojans being hidden on your system which CANNOT be removed with normal virus tools.

not saying you need to, but just saying that's my official way to be safe with nimda.
>>



Which school do you go to? A girl on the first floor of my dorm room got a call. They told her that if she didn't remove it within 72 hours, they'll cut her account. The fool then said he wasn't good with computers but she could ask him anything. I spent a day fixing her Nimda. Like 90% done and I find code red II in her comp too. Win2k, explorer.exe has been corrupted. I can't fall back on dos. I tried safe mode, even the one where you get a command prompt. I told her a format will be needed. Then, I just thought of something. I could install boot magic and install 98, then move a good explorer.exe file from my comp to hers.

Think that'll fix it? I might go through with the format anyways.
>>



i work for penn state. i wouldn't think that your idea will work. and in the time it takes to do that, you could easily have re-formatted, which is the best fix.

our school also will turn off students' connections if they get code red or nimda because of worries that they will suck up all the bandwidth and overflow smtp servers. also, if they don't turn it off, the students don't realize how bad the virus really is!
 

charliebrown

Senior member
Dec 2, 1999
460
0
0
Our ISP cut off our Internet service because our Win2000 Server was infected with Nimda - they had us download and run the latest virus definitions from Norton and also upgrade the machine with Service Pack 2. Even after doing that I got some Norton warnings that Nimda was still present, so I turned off the IIS service and it seems to be OK now.
 

MiniThug

Well I've run every method I can find of detecting the virus and none have found it so far, also there are no .eml files on my system. I don't know why I can't find it anywhere after it alerted me earlier today. Any ideas? Any other symptoms I should look for?
 

MiniThug

See that's the problem though, none of these cleaners can find it and I don't think it just disappeared. I dunno if I have it or not now.
 

Pikachu

Golden Member
Oct 10, 1999
1,178
0
0
I was infected by Nimda last week. Still haven't tracked down the source, but it spread over our small network and caused thousands of *.eml and *.nws files to be spread throughout the hard drives. All these files had a size of 78KB.


I had to get the latest update from Norton and scan the drives repeatedly to remove it. A file named "Load.exe" had to be manually deleted from the Windows\System directory from the DOS prompt. There was an entry in the System.Ini file for:
  • shell=explorer.exe load.exe -dontrunold
I remarked it out in one PC, was not found in second PC and was listed twice in my PC. The virus kept making a .tmp file in the Windows\Temp directory even as Norton tried to scan and delete it. Very much a pain in the butt!
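
The leftovers reported in this thread (78KB `*.eml`/`*.nws` files, `load.exe` in `Windows\System`, the `shell=` line in System.ini, and the `TFTP2456` file under `inetpub\scripts`) can be checked in one read-only pass. This is an added example, not code from any poster or from Norton; the byte window used for "78KB", the `TFTP<digits>` name pattern and the indicator labels are assumptions, and the sample tree is constructed.

```python
import os, re, tempfile

# Indicators quoted in the thread. The byte window for "78KB" is an assumption.
SIZE_78KB = range(78 * 1024, 79 * 1024)
SHELL_RE = re.compile(r"\s*shell\s*=\s*explorer\.exe\s+load\.exe\s+-dontrunold", re.I)
TFTP_RE = re.compile(r"tftp\d+$", re.I)  # generalised from TFTP2456 (assumption)

def scan(root):
    """Walk root; return sorted (indicator, relative_path) findings."""
    found = []
    for dirpath, _dirs, names in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root).replace(os.sep, "/")
        for name in names:
            path = os.path.join(dirpath, name)
            rel = f"{rel_dir}/{name}"
            low, where = name.lower(), rel_dir.lower()
            if low.endswith((".eml", ".nws")) and os.path.getsize(path) in SIZE_78KB:
                found.append(("eml_nws_78kb", rel))
            elif low == "load.exe" and where.endswith("windows/system"):
                found.append(("load_exe", rel))
            elif TFTP_RE.match(low) and where.endswith("inetpub/scripts"):
                found.append(("tftp_drop", rel))
            elif low == "system.ini":
                with open(path, errors="replace") as fh:
                    # match() anchors at line start, so a ';'-remarked line is skipped
                    if any(SHELL_RE.match(line) for line in fh):
                        found.append(("system_ini_shell", rel))
    return sorted(found)

def build_sample(root):
    """Constructed test tree: four planted indicators, three benign look-alikes."""
    shell = b"shell=explorer.exe load.exe -dontrunold\r\n"
    tree = {
        "Windows/System/load.exe": b"MZ",
        "Windows/system.ini": b"[boot]\r\n" + shell,
        "Docs/readme.eml": b"A" * (78 * 1024 + 100),
        "Inetpub/scripts/TFTP2456": b"MZ",
        "Backup/system.ini": b"[boot]\r\n;" + shell,   # remarked out
        "Docs/note.eml": b"A" * 2048,                  # wrong size
        "Tools/load.exe": b"MZ",                       # wrong directory
    }
    for rel, data in tree.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for indicator, rel in scan(tmp):
            print(f"{indicator:18} {rel}")
```

An empty result only means these particular leftovers are absent from the tree that was scanned.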
