Removing the W32.Nimda.A@mm from Windows 95/98

• Previous message: Russ: "Alert: Check your IIS boxes now!"
• Next in thread: Dan Browder: "Re: Removing the W32.Nimda.A@mm from Windows 95/98"
• Reply: Dan Browder: "Re: Removing the W32.Nimda.A@mm from Windows 95/98"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Message-ID:  <F9FB98D0AADE5340A3F623E11476DDCB099EFF@indicium.fit.edu>
Date:         Tue, 18 Sep 2001 16:09:10 -0400
From: Luis Rivera <lrivera@IT.FIT.EDU>
Subject:      Removing the W32.Nimda.A@mm from Windows 95/98
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

Hello Russ,

I am not sure if anyone has posted this info yet but we were able to
figure out how to remove the W32.Nimda.A@mm from Windows 95/98. So far
it has been effective,

1) boot in DOS mode
2) edit system.ini file in c:\windows
3) look for this line
        shell= explorer.exe load.exe -donotloadold

replace it with

        shell=explorer.exe

4) goto c:\windows\system
        1) run attrib -s -h riched20.dll
        2) run attrib -s -h load.exe
        3) del riched20.dll, 56kb (check the date on it, if todays date
delete it)
        4) del load.exe

If anyone has gotten further with win2k would appreciate the info.

- Luis Rivera
Florida Tech

======================================
Delivery co-sponsored by Trend Micro, Inc.
======================================
TREND MICRO SCANMAIL FOR EXCHANGE 2000 -- SECOND to NONE

If you are worried about email viruses, you need Trend Micro ScanMail for
Exchange. ScanMail is the first antivirus solution that seamlessly
integrates with the Microsoft Exchange 2000 virus-scanning API 2.0. ScanMail
ensures 100% inbound and outbound email virus scanning and provides remote
software management. Download a FREE 30-day trial copy of ScanMail and find
out why it is the best:
http://www.antivirus.com/banners/tracking.asp?siBI;$0&UL;=/smex2000
======================================

• Previous message: Russ: "Alert: Check your IIS boxes now!"
• Next in thread: Dan Browder: "Re: Removing the W32.Nimda.A@mm from Windows 95/98"
• Reply: Dan Browder: "Re: Removing the W32.Nimda.A@mm from Windows 95/98"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Removing the W32.Nimda.A@mm from Windows 95/98 ... Removing the W32.Nimda.A@mm from Windows 95/98 ... TREND MICRO SCANMAIL FOR EXCHANGE 2000 -- SECOND to NONE ... (NT-Bugtraq) Re: Alert: Some sort of IIS worm seems to be propagating ... Subject: Alert: Some sort of IIS worm seems to be propagating ... TREND MICRO SCANMAIL FOR EXCHANGE 2000 -- SECOND to NONE ... (NT-Bugtraq) Administrivia - Terrorism attacks September 11th, 2001 ... Administrivia - Terrorism attacks September 11th, ... TREND MICRO SCANMAIL FOR EXCHANGE 2000 -- SECOND to NONE ... (NT-Bugtraq) Reducing your Outbound Bandwidth ... TREND MICRO SCANMAIL FOR EXCHANGE 2000 -- SECOND to NONE ... ensures 100% inbound and outbound email virus scanning and provides remote ... (NT-Bugtraq) Re: Call to arms - INFORMATION ANARCHY ... both have PhD's and my mother was a fortran programmer way back in ... Delivery co-sponsored by Trend Micro, ... Earn 5% rebate on licenses purchased for Trend Micro ScanMail for ... Microsoft Exchange 2000 between October 1 and November 16. ... (NT-Bugtraq)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint