Tech Talk Discuss PC Hardware, Software, Internet and Other Technology

Anyone know about the Nimda virus?

Old 06-21-02, 07:20 PM
  #1  
DVD Talk Hero
Thread Starter
 
Th0r S1mpson's Avatar
 
Join Date: Apr 1999
Location: Seattle, WA
Posts: 36,443
Anyone know about the Nimda virus?

NIMDA and NIMDA-A
Okay, so all the computers on our network are infected with this thing. It put weird files in almost every folder on the computers. Anyone know how I might have contracted it here and what I need to protect? Anti-virus software is removing the files now, but I don't see how I got it in the first place. Probably Outlook I'm guessing.

Anyone know any details about this specific virus? (How it is spread, what it affects, etc)

Thanks... what a pain in the arse. My first run-in with a virus but it doesn't appear to have done any actual harm... yet. ARGH!
Th0r S1mpson is offline  
Old 06-21-02, 07:47 PM
  #2  
DVD Talk Legend
 
Join Date: Aug 2001
Location: The Last House on the Left
Posts: 12,294
I think it might cause you to post topics in incorrect forums.

Here's some information on it:
http://vil.mcafee.com/dispVirus.asp?virus_k=99209

What it does: This threat exploits various Microsoft vulnerabilities. It is contractible via web browsing, reading an email message, or simply running the IIS web server.

How to remove it: Removing this threat requires patching vulnerable systems, disabling network shares, and using the latest DAT files. It can not be removed manually.
Infected systems must:

apply the patches below
close any network shares prior to cleaning
exit any running applications
Stop a running IIS server
Scan and clean each drive
Restore the RICHED20.DLL and MMC.EXE files if they were overwritten by the virus and deleted by the scanner.

The patches are on this page and this page.

Last edited by WhoGirl; 06-21-02 at 07:52 PM.
WhoGirl is offline  
Old 06-21-02, 07:48 PM
  #3  
DVD Talk Hall of Fame
 
Lateralus's Avatar
 
Join Date: Jun 2001
Location: Valley of Megiddo
Posts: 9,569
Don't know much about Nimda virus, but I'll talk your ear off about smallball.


Actually try searching here: http://vil.nai.com/vil/default.asp

(There is a whole bunch of different ones)
Lateralus is offline  
Old 06-21-02, 08:00 PM
  #4  
Banned
 
Join Date: Jul 2000
Location: New England, USA
Posts: 16,046
My cousin had the NIMDA virus. It was dormant then chose to wreak havoc. Seek and destroy that bad boy before it destroys your PC ...
Soup Nazi is offline  
Old 06-21-02, 10:21 PM
  #5  
Banned
 
Join Date: Jul 2000
Location: New England, USA
Posts: 16,046
Originally posted by Thor Simpson
Where did I originally post this? I had two browser windows open and must have hit "New Thread" in the wrong one. My apologies
Oh, a little place that we refer to as the Sports Forum ...

Soup Nazi is offline  
Old 06-22-02, 01:08 AM
  #6  
DVD Talk Hall of Fame
 
Join Date: Apr 2001
Location: Eugene, OR
Posts: 8,242
I don't know if this useful now but there should be a removal utility on www.antivirus.com I remember running it on my computer. This is a bit different than an antivirus program as those catch the virus before it infects your system, the utility on the forementioned website removes the virus from the infected system.
dancinns is offline  
Old 06-22-02, 12:46 PM
  #7  
DVD Talk Hero
Thread Starter
 
Th0r S1mpson's Avatar
 
Join Date: Apr 1999
Location: Seattle, WA
Posts: 36,443
Originally posted by dancinns
I don't know if this useful now but there should be a removal utility on www.antivirus.com I remember running it on my computer. This is a bit different than an antivirus program as those catch the virus before it infects your system, the utility on the forementioned website removes the virus from the infected system.
Thanks!

Just what I needed. Hopefully the anti-virus software will keep it from happening again now that I upgraded. (fingers crossed)
Th0r S1mpson is offline  
Old 06-22-02, 01:32 PM
  #8  
DVD Talk Hall of Fame
 
Join Date: Apr 2001
Location: Eugene, OR
Posts: 8,242
Originally posted by Thor Simpson


Thanks!

Just what I needed. Hopefully the anti-virus software will keep it from happening again now that I upgraded. (fingers crossed)
you're welcome, I'm just glad to share my geekiness.
dancinns is offline  
Old 06-22-02, 02:41 PM
  #9  
Banned
 
Join Date: Jul 2000
Location: New England, USA
Posts: 16,046
Originally posted by Thor Simpson
Thanks!

Just what I needed. Hopefully the anti-virus software will keep it from happening again now that I upgraded. (fingers crossed)
It's been 2 hours. Can we get an update to this crisis?

Soup Nazi is offline  
Old 06-22-02, 08:54 PM
  #10  
DVD Talk Hero
Thread Starter
 
Th0r S1mpson's Avatar
 
Join Date: Apr 1999
Location: Seattle, WA
Posts: 36,443
Originally posted by Soup Nazi


It's been 2 hours. Can we get an update to this crisis?

My anti-virus software has found a couple instances of the virus, but was able to quarantine them. That's all that's happened since this morning. Once I get all the infected files dumped I hope it won't come back. There's your update, sorry it's late
Th0r S1mpson is offline  
Old 06-26-02, 03:17 AM
  #11  
New Member
 
Join Date: Nov 2000
Posts: 16
Real easy fix, I had this happen to me at a LAN party believe it or not.

Tear down your network, we ran Norton 2002 with the lastest definions. Do whatever NAV tells you to do, run a full scan (or 2 times if you're paranoid) on all computers. Make sure they are all "clean" then reconnect all the computers to the network. It should be gone, the problem you might have if you don't disconnect from the network is when you are running the anti-virus program to get rid of it one one machine, another machine will send it to one of your shared drives or directories on the machine you thought you just cleaned (this is why you disconnect from the network before you run the anti-virus).

Try that if ya want, virus' suck, and give us an update.

*edited for clarity
DravenCFH is offline  

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread

Archive Advertising Cookie Policy Privacy Statement Terms of Service

Copyright 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.