Web Hosting Talk







Nimda Virus


andy18
09-19-2002, 01:51 AM
Hello,

One of our servers is infected by the Nimda virus. Is there any free virus scan that I can install so the virus can be removed? I tried the AVG 6.0 Antivirus Scan but could not successfully remove the virus.


Thanks

greatbeast
09-19-2002, 02:03 AM
Try the Symantec website. They have removal tools.

www.symantec.com

The Laughing Cow
09-19-2002, 04:46 AM
There is a little utility from Symantec as above. You need to clean up the Code Red worm with it, which opens up Nimda's hole.


On another note, did you know the name Nimda came from the word admin spelt backwards :)

merconline
09-19-2002, 05:40 AM
ah.. why don't u get some latest virus?? :D
let me think... umm.. last time we had a Nimda attack we could use the Symantec tools effectively and also tools provided on the McAfee website.

Nimda leaves lotta .eml files (its potential hiding places) so make sure to find them all & delete them

and check your services for the presence of that funny Nimda service

good luck!

Haze
09-19-2002, 07:13 AM
Grisoft offer a free virus scanner: http://www.grisoft.com

RackMy.com
09-19-2002, 08:49 AM
With Nimda, the best way to make sure you are rid of it is to do a fresh install :(

KShoK
09-19-2002, 09:41 AM
I am also in trouble with the Nimda virus. I run AVG from Grisoft. The viruses are Nimda.A, Nimda.E and Nimda.htm. AVG deletes them but I don't see any permanent solution. I have to run it twice a day - at least.

The Laughing Cow
09-19-2002, 09:43 AM
There is a tool from Microsoft to protect you from Nimda and Code Red. Also use IIS Lockdown too, I advise.

davidb
09-19-2002, 12:20 PM
That damn virus took us all day to fix yesterday; we had to go to each of the 200+ computers and manually check them out. People are fools and don't run the antivirus software. Someone who wasn't running it got the virus, then it spread via the shared drives. Those who also were not running it got it. Those who ran the antivirus software got the message saying it was removed. My suggestion is that if you run antivirus software, I see no future problems from it. Have it monitor the files, incoming and outgoing; you should be warned when it attempts to get in.

andy18
09-19-2002, 08:33 PM
Ya.. I did install AVG from Grisoft but it can't clean up the Nimda virus... Now I am downloading the removal tools from Symantec and performing the scanning... Guess what?? There are a total of 63 files infected by this virus and all are .html files somewhere in my customer folder...


:bawling:
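
Added example, not part of any post in this thread: a read-only Python sketch of the manual check described in the posts above, listing leftover .eml/.nws files and web pages that carry the script line Nimda appends. The marker string and the .nws extension are taken from public advisories (CERT CA-2001-26), not from this thread, and the folder layout and file contents are constructed sample data.

```python
import os
import re
import tempfile

# Script line Nimda appends to web content, per public advisories
# (CERT CA-2001-26). Matched loosely: any case, either quote style.
MARKER = re.compile(rb"window\.open\(\s*[\"']readme\.eml[\"']", re.IGNORECASE)
WEB_EXTS = {".html", ".htm", ".asp"}
DROPPED_EXTS = {".eml", ".nws"}  # mail/news files the worm leaves behind


def scan_tree(root):
    """Walk root; return (dropped_files, infected_pages) as sorted lists."""
    dropped, infected = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            ext = os.path.splitext(name)[1].lower()
            if ext in DROPPED_EXTS:
                dropped.append(path)
            elif ext in WEB_EXTS:
                # Only web content is checked for the appended script line.
                with open(path, "rb") as fh:
                    if MARKER.search(fh.read()):
                        infected.append(path)
    return sorted(dropped), sorted(infected)


def build_sample_tree(root):
    """Constructed sample data standing in for a customer web folder."""
    clean = b"<html><body>hello</body></html>\n"
    injected = clean + (b'<html><script language="JavaScript">'
                        b'window.open("readme.eml", null, '
                        b'"resizable=no,top=6000,left=6000")</script></html>\n')
    layout = {"site1/index.html": injected, "site1/about.htm": clean,
              "site1/readme.eml": b"constructed placeholder, not a real sample",
              "site2/Default.ASP": injected, "site2/notes.txt": b"readme.eml"}
    for rel, body in layout.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(body)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(scan_tree(tmp))
```

The script only reports; a listed page still needs the appended line removed or the file restored from a clean backup.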

The Laughing Cow
09-20-2002, 05:05 AM
It infected my personal home server within 24 hours of me installing 2000 Server :rolleyes:

What exactly does it do? I haven't figured what Nimda/Code Red actually do that's bad? (Call me a noob if you like ;))

karbon14
09-20-2002, 11:09 AM
Don't install Windows 2000 and Windows NT Server while connected to the Internet... You will get Nimda/Code Red very fast.

What you should do is install the W2k or NT4 OS, then download all the patches and service packs from Microsoft from a separate computer and install them before you connect the servers to the Internet.

dreamrae.com
09-20-2002, 08:58 PM
Originally posted by andy18
Hello,

One of our servers is infected by the Nimda virus. Is there any free virus scan that I can install so the virus can be removed? I tried the AVG 6.0 Antivirus Scan but could not successfully remove the virus.


Thanks


**** a nimda worm :angry:

merconline
09-21-2002, 12:57 PM
As suggested above, check out the McAfee website also for their cleaner; on some of our computers it outshone the Norton tool.
As it created a bootable floppy and scanned the whole PC with it... I had put the delete files in the config files... so it found the .ml etc. files and deleted them. pls be sure that if u like to keep infected files, it'll be a pain in ur ... again.

Same in the case of Norton AV: delete all the quarantined items and the backup items made by Norton.

And reboot (cold boot) the machine immediately after one scan as a precautionary measure, etc.

As Norton said to stop the service of fp (can't remember if it's correct or not, fp or lp...). It may not be successful, give it a second try... and restart the PC and check the service... if it's not present... try to look for the file fp.exe or lp... and delete it.

Many times these manual things also put things back fast.

After all these operations, I got the latest Norton AV installed with the latest antivirus data. It's never been a problem again.

Thanks :)