Re: Nimda is bothering too much..

From: x y (jamescagney90210@excite.com)
Date: 05/16/02


From: "x y" <jamescagney90210@excite.com>
Date: Thu, 16 May 2002 00:42:02 -0400


"bhavana" <bhavana_21@yahoo.com> wrote in message
news:3a2101c1fc40$d67ac0c0$b1e62ecf@tkmsftngxa04...
> Hi
>
> My system was corrupted with Nimda virus. Though I could
> remove it using the antivirus software, I was suggested to
> format and re-install windows , and I did the same.
> Now after formating and installing it reappeared, don't
> know from where,within few hours of re-installation.
> Could be from my back-up files or either because I was
> connected to net. But I hardly downloaded any stuff from
> the net nor do my back-up files are corrupted to the best
> of my knowledge.
> So I deleted the files that were corrupted by the virus.
> I deleted Admin.dll , which the virus creates at its
> initial stages and then some files from inetpub/scripts
> which were created by the virus.After that, I checked the
> system for any viruses by running the antivirus software.
> It says virus-free.
> Do you think there is some security hazard or is my
> system prone to more such attacks . Does deleting the virus
> require formating the system again. No major files have
> been deleted I guess.
> Are there any free downloads of antivirus software,
> which can remove the bugs totally.And suppose if a system
> is corrupted and a bug-free tool has been run to
> remove/repair/delete the virus, do we need re-installation.
> Atleast re-installation of the programs that were
> corrupted? I guess re-installation is only if you think
> your system has been totally corrupted or if you think
> there is a security hazard. Am I right?

Reinstallation is if it is important to you to be sure that your system is
very secure from being hacked again. The reason is that while your system
was vulnerable, there is no way to be 100% sure whether a hacker installed a
back door to allow him to get back into your system again later. So, even
though you have antivirus, you may still be vulnerable. It's up to you to
decide how secure you want to be. You definitely need to SECURE the system
before you put it on the internet using the instructions in this newsgroup
and at www.microsoft.com/security. For example, you need to install all the
latest Microsoft security patches, download and install IISlockdown
including URLscan, www.gfi.com LANguard file integrity checker,
www.mynetwatchman.com software, have a software and hardware firewall
starting with Sygate and Netgear at the inexpensive end, etc. etc.

Fresh installation of Windows with no security patches installed is
definitely vulnerable to Nimda and many other security problems. I suspect
this is the root of your problem.



Relevant Pages

  • Answers to frequently asked questions - 17SEP03
    ... I have this mystery re trying to install Norton ... Internet Security 2003 on my XP Pro. ... > specific virus, please tell us what it's name is! ... > date with antivirus software and more importantly ...
    (microsoft.public.security.virus)
  • Re: Outlook Express freezing
    ... I have ran virus checker and found ... Because of this tendency of attachments to infect, Microsoft has now set OE to block all attachments. ... Cannot Open E-Mail Attachments in Outlook Express After You Install SP1 ... If you choose to adjust OE to allow attachments, make sure you save the attachment to disk first and then scan it with your antivirus software. ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: OE6 slow after installing SP2 patch
    ... I isolated the problem to Norton Internet Security ... >> attachment to disk first and then scan it with your antivirus software. ... >> when it attempts to remove a message containing a potential virus. ... >> attempting to infect your system, and will block you from doing so. ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: What are some of the files to Look For...
    ... i want to determine what virus it is already. ... opened the security patch but if someone else opened in my ... >I couldn't install it. ... >Today I'll find out if the originally reported infections ...
    (microsoft.public.security.virus)