poserpro opened this issue on Sep 26, 2002 ยท 12 posts
poserpro posted Thu, 26 September 2002 at 1:52 PM
Hello, guys and girls, few days back, I posted a message informing I got suspicious virus infection which Norton failed to spot. Now after more a week of dilemma and ordeal experience, I finally removed the virus, it is called W32.Nimda.a@mm, which creates lots of *.eml and *.nws files that eat up your system. Here is the solution and I hope to help someone else who might have this problem like I did. http://securityresponse.symantec.com/avcenter/venc/data/w32.nimda.a@mm.removal.tool.html just dld the Fixnimda.com to do the necessary removal process. I luckily save all my 4GB Poser files with this babe. And thanks for velen for his inpur at the message I posted. :)
c1rcle posted Thu, 26 September 2002 at 1:59 PM
glad to see you got it sorted :) did you check your system restore? it can hide in there, I found that one out the hard way when it came back after a couple of days
montane posted Thu, 26 September 2002 at 2:56 PM
Thanks, poserpro. Useful info.
poserpro posted Thu, 26 September 2002 at 3:13 PM
Also w32.nimdaE is another virus I just found with online virus check, try to get the removal at http://securityresponse.symantec.com/avcenter/venc/data/w32.nimda.e@mm.removal.tool.html for FixnimdaE.com I still can't remove the viri from within win2000 system, but win98 seem OK so far. BTW, c1rcle, how to check system restore ?
poserpro posted Thu, 26 September 2002 at 3:20 PM
I assume System Restore means to restore it back to its initial state after first stalation ? But I am running at win98 and win2k, not Me or Xp which has such function.
praxis22 posted Thu, 26 September 2002 at 5:35 PM
Odd, Norton had no problem with Nimda at work, haven't seen one in the logs for a while mind you, mostly KlezH & Yaha at the moment, plus one reported sighting of Sircam. Have you got bloodhound (heuristics) on full? Has your subscription to liveupdate lapsed? If it has you can get intelligent updater downloads manually at www.filelash.com Safest thing to do is ditch Outlook and get yourself a less vulnerable mail client. later jb
lesbentley posted Thu, 26 September 2002 at 7:05 PM
Praxis22, any sugestions for a good mail client?
queri posted Thu, 26 September 2002 at 7:39 PM
I'm not Praxis, but after a bout with Nimda last year, I now use Mailwasher to check my files before downloading them off my ISP. www.mailwasher.net I keep spam to a minimum that way too. Got the suggestiion from a gentelman on this forum. Since then only 2 virus have even reached my computer-- and Norton got those. I was getting 6 or 7 alerts a day! Emily
poserpro posted Thu, 26 September 2002 at 8:23 PM
my win2k is not clean now, so my virus problem should be gone for now. thansk for all concern and caring words. ;) in a nutshell, never use Outlook, as I seldom use it , but the day I had to use it to get another mail file, I got the week-long agony the following day I instlaled Outlook. Outlook Express makes Outrageous result I experienced. I now use Eudora as alternative mailer.
EricofSD posted Thu, 26 September 2002 at 8:56 PM
Nimda worm is addressed on the norton site. There's a special cleaner patch and instruction that you can download. Keep your definitions up to date and look at their site from time to time. Also, you might find it useful to review from time to time the McAffee and Computer Associates site. I've found that no matter what virus engine you have, there is no one engine that does it all. One of the competitors may have a patch, or directions sooner than another. That's not to knock Norton AV. We use CA at work and I use Norton at home, and we use McCaffee on the laptops.
c1rcle posted Fri, 27 September 2002 at 2:21 AM
sorry poserpro I assumed you were running WinMe or XP they both have system restore, it's backup folders can get infected then the only way to get rid of the virus from there is to shut down system restore, which can be dangerous as well.
Penguinisto posted Mon, 30 September 2002 at 3:22 PM
I've had a cure for Nimda since before it was out: http://www.redhat.com :p Seriously though; I would like to mention that relying on System Restore or whatnot would be just as dangerous as not cleaning a virus at all... many virii nowadays are time-bombs, sitting idle and slowly spreading for awhile until some preset or random date, then going boom. Using the 'system restore' features would simply reset the clock if you're restoring to a previous but still-dirty state. IOW - it's false hope, no matter what OS you're using. This is why most smart admins (even on *ix boxes) don't automatically restore their OS from tape backup, or won't bother with the XP (or IBM) "System Restore" feature. Instead, they'll rebuild the OS itself from scratch, restore config files that were backed up the hour they were first created (or last updated), test for integrity, and throughoughly rinse the user data with a known working virus checking routine before re-installing that. Sorry guys, it's just that all this hoopla about "system Restore" is nice for things you can catch instantly like a horked-up config or driver caused by user error or a corrupt download, but for virii and security breaches, it is 100% useless and IMHO a waste of disk space. /P