Re: nimbda a & NAV 2002

Sat, 09 Mar 2002 14:14:29 -0800 

Well, as far as I know Nimda, it is very agressive virus. It multiplies very
quickly. So, if your client have one file on computer that is not scanned
and is
infected, this is normal behaviour.
If I were you, I would go to her, backup all necesarry files on some other
machine,
scan them (on that machine, which is clean, I assume), download latest
antivirus program
(I prefer SOPHOS - you can download it for free, but it won't upgrade itself
if it is not licenced
copy), install it, reboot computer in safe mode and tell SOPHOS to scan all
files (default
is executable), archive files (default unchecked) and shred any infected
file.
You'll see. If there won't be any infected files, I'm out of my ideas. But
this helped everywhere
I've done.
There could be one more problem. Nimbda spreads itself through shares, web
sites and mail, so any
machine on network is potentionally infected. If there is any MS-IIS server,
it is infected for sure.

In fact, on SOPHOS side (www.sophos.com), you can get tool to disinfect
Nimda-A
and Nimda-D (www.sophos.com/support/faqs/nimda.html). And there you can find
virus analysis:
www.sophos.com/virusinfo/analyses/w32nimdaa.html.
Those links I foud this very moment on SOPHOS's web site.

          aleksander zejn, Zejn d.o.o.,
          www.security-solutions.info

----- Original Message -----
From: "Ryan P Zagata" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 05, 2002 11:23 PM
Subject: nimbda a & NAV 2002


> Question:  a few weeks ago I installed Norton Anti-Virus 2002 on one of my
> clients computers...I configured it with NAV Auto-Protect Enabled and Live
> Update continually updating the virus definitions.  when performing the
> initial scan, 4 viruses were found and the files were quarantined.  I
later
> deleted the files.  However, the issue of the nimbda a virus came up and
the
> file was unable to be deleted.  I deleted the directory from the command
> line.  I rescanned the drives and everything came up clean.  Now, about 3
> weeks later, my client calls and she is continually getting Nimbda virus
> warnings on  her Windows Me machine...she will quarantine the file and
then
> continue, but she is getting quite a few pop-ups.  Any suggestions?  Are
> there any simple fixes for this?  I really do not want to do another site
> visit.  Much appreciated.
>
> Regards,
> Ryan
>
>
>
>
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com
>
>

Reply via email to