Here are the instructions how to enable JavaScript in your web browser. Platform :. Disinfection was added in the updates from September 19th, EET. F-Secure Anti-Virus with the latest updates can detect and disinfect Nimda infections. But full disinfection of the worm will require some additional manual actions. If you wish to do them by hand, follow the instructions below. If you're running Windows ME, you need to turn off the Autorestore functionality before starting any disinfection.
Turn it back on when done. To disinfect the worm and restore security of affected workstations, please follow these instructions:. This can happen even if you're using a patched version of IIS or something else entirely such as Apache or Netscape. If there are infected computers in your organization, their local html files get infected. Users might then later copy or upload such infected pages to your www server.
Alternatively, if your www files are accessible via file sharing the worm might infect them directly from a workstation. EML"; and remove the extra Javascript code from the end of the pages. If your web site is running an unsafe version of IIS, the worm can infect your site by accessing it through http. After this it will restart spreading from your server.
In this case, it is not enough to just clean the virus - your web server is unsafe and has been so for a while. It's likely there have been previous illegimate accesses to your site as well and it should be considered compromised. We recommend rebuilding the web server and applying latest patches before restoring clean copies of the html pages. Remember, F-Secure Management Server 4. Keep them patched.
F-Secure Policy Manager Server 5. A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part.
If you wish, you may also:. First check if your F-Secure security program is using the latest detection database updates , then try scanning the file again. After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis. NOTE If the file was moved to quarantine , you need to collect the file from quarantine before you can submit it. If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.
Note You need administrative rights to change the settings. Find the latest advice in our Community. See the user guide for your product on the Help Center. The newest version is known as "Nimda v ersion e. So far, the worm's activity has been primarily confined to Asia, where antiviral companies reported thousands of infections shortly after the worm was released. Times techies first blamed their clogged servers on a denial-of-service attack, saying the system had been "hit by a storm of data.
Times chief information officer Michael Williams later confirmed that the system had been infected by Nimda. The worm's attempts to spawn itself across the Times ' network brought the system down.
Federal courts in south Florida are the latest victims. Nimda hit the courts' systems on Halloween, and crashed servers completely on Monday. Court workers can now access only the paper versions of thousands of case records. The system won't be purged of the worm until Friday. The painful shame of owning an Android phone. Best Apple iPad deals available right now: January Best keyboard Because you deserve better.
You agree to receive updates, promotions, and alerts from ZDNet. You may unsubscribe at any time. By signing up, you agree to receive the selected newsletter s which you may unsubscribe from at any time. You also agree to the Terms of Use and acknowledge the data collection and usage practices outlined in our Privacy Policy. What are you looking for?
Preferences Community Newsletters Log Out. Written by Robert Lemos , Contributor. Robert Lemos Contributor Full Bio. Please note that these patches do not include Outlook Express. Click here for help with installation or for more information regarding this patch.
Don't open attachments! One of the best ways to prevent virus infections is not to open attachments, especially when viruses such as this one are actively circulating. Classification Category :. Type :. Aliases :. Summary Nimda. Other minor differences are as follows: 1. The worm uses COOL. DLL name to upload itself to webservers 2. DLL name to start from on servers 3. EXE name to copy itself to servers This version of Nimda has few serious bugs that allow it to infect files several times and to jam NT systems considerably.
Removal Automatic action Suspect a file is incorrectly detected a False Positive?
0コメント