NIMDA Removal
From: Isherwood Jeff C Contr AFRL/IFOSS (Jeffrey.Isherwood@rl.af.mil)Date: 09/19/01
- Previous message: Allen Smith: "Re: the better worm tutorial"
- Next in thread: Johannes Verelst: "Re: NIMDA Removal"
- Reply: Johannes Verelst: "Re: NIMDA Removal"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <50D01D71BB8CD411AD850000D11B4B45B1CA63@FSJREZ02.adm.rl.af.mil> From: Isherwood Jeff C Contr AFRL/IFOSS <Jeffrey.Isherwood@rl.af.mil> To: incidents@securityfocus.com Subject: NIMDA Removal Date: Wed, 19 Sep 2001 10:48:15 -0400
Now that everyone has had a chance to look at it (I'm sure many folks
captured live copies of this bugger).
AV Sites around the world are coming out with tools to fix and remove it. I
hate those tools.
Sat down and went over everything this one does, based on the live sample
and data on the list, as well as a few contributions from other sources. I
think I've got it all down now.
Did I miss anything?
- text/plain attachment: Nimda_Removal.txt
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: Allen Smith: "Re: the better worm tutorial"
- Next in thread: Johannes Verelst: "Re: NIMDA Removal"
- Reply: Johannes Verelst: "Re: NIMDA Removal"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
