Solved

Nimda Complications

Posted on 2004-09-14
6
208 Views
Last Modified: 2010-04-12
I was over at a friend's dorm today and she showed me her latest computer woe, Norton Anti-Virus said it had found Nimda all over her computer.  To my knowledge, the infected files were all .eml templates from Outlook Express.  Anyway, I assumed it was Nimda.E and ran the removal tool provided on Symantec's website, but the tool said the virus wasn't found on any system files.  I ran the Nimda.A removal tool and the same thing happened.  So what we have here is a case of Norton Anti-Virus finding and classifying the virus as Nimda... but being unable to remove it.  The provided removal tool supposedly fixes the virus... but can't find it.  Where do I go from here?
0
Comment
Question by:CommanderKafka
  • 3
  • 2
6 Comments
 
LVL 21

Expert Comment

by:jvuz
ID: 12061727
Check with stinger:

http://vil.nai.com/vil/stinger/
0
 

Author Comment

by:CommanderKafka
ID: 12069680
I ran the stinger program and it said that all the files were clean... for right now I'm gunna wait a bit and see if she has any more pop-up warnings from Norton, we don't know whether or not that actually removed it or just said the files were clean.  Does anyone else have any more suggestions?
0
 
LVL 6

Expert Comment

by:akboss
ID: 12080649
What OS?

If it is XP or ME then disable systems restore and run your spyware removers and anti virus in safe mode.

0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:CommanderKafka
ID: 12092433
I've tried your method, akboss, and it didn't find anything else.  The gal I'm doing this for really doesn't want to have to reformat, is there any other way?
0
 
LVL 6

Accepted Solution

by:
akboss earned 500 total points
ID: 12093184
0
 

Author Comment

by:CommanderKafka
ID: 12094300
No, that's a new one to me!  I don't know if it will work, but I'm going to try.  If it doesn't, I'm just going to reformat her harddrive and chalk one up for the virus writers.  Either way, I'm awarding you full points for helping me and turning me onto this great resource, it should be very useful to anyone with a similar situation.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
In every aspect, security is essential for your business, and for that matter you need to always keep an eye on it. The same can be said about your computer network system too. Your computer network is prone to various malware and security threats t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now