What do I do about a virus infection?



Royal Dragon
04-11-2003, 07:11 PM
Hello, I have about 800 infected files. I got hit by an E-mailed virus today. It created a file on two of my hard drives called "Old Outlook express", as well as infected numerous other files. The contents of this file is almost a carbon copy of my hard drive itself. The virus literally cloned the drive inside a new file folder. It's weird.

The viruses are called W32.nimda.A@mm(html) and W32.nimda.enc.

Norton found it, but it can't repair my files. I deleted the "Old Outlook Express" folders, but I still have roughly 800 infected data files.

Does anyone have any thoughts on how to deal with this?

diego
04-11-2003, 08:44 PM
well i'm not a techy and all that so the only input i can give to you when dealing with situations like this is to start crying and screaming like a girl!.
:) peace and that sucks dude glad i'm not you;)

Laughing Cow
04-11-2003, 08:56 PM
Don't have time to go into details.

You got the NIMDA Virus, here is additional Info about it:

LINK (http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=nimda+virus)

1.) Follow instructions in the links above.
2.) Upgrade your Anti-virus Software
3.) Don't open ANY attachments unless you know what it is and ONLY after you checked them with the AV-Soft.

Cheers.

GunnedDownAtrocity
04-11-2003, 09:04 PM
ok dude ... if you are connected through cable or dsl yank the fu ckin cable out of your nic IMMEDIATELY. get yourself off the internet. if there is any backdoor into your computer (which there most likely is) it can not be abused if you aren't connected to the net.

the next thing you want to do is start backing up whatever you can. if you really need to back up email make sure you at least delete as much as possible first (including the viruses obviously). after you are done backing up all your porn, music, favorites, drivers, save games, documents, and whatever other misc **** you have it's time to format.

do not simply reinstall windows. make sure that you are actually formatting the drive the virus is on. if you are running xp it will walk you right through it. you simply need to restart the computer with the disk in and read what it says .... if you are already familiar with formatting your question is kinda void buddy. hate to be the bearer of bad news but it's the only 100% solution. unless you know how to write viruses ... but even then i imagine formatting might be a lot easier.

GunnedDownAtrocity
04-11-2003, 09:08 PM
lc ... i've cleaned and moved on before, but if he's got 800 infected files i would just go ahead and format.

then again i can't say i know much about how exactly viruses work and i live by the old motto "when in doubt format c:"

Budokan
04-11-2003, 09:14 PM
Next time use a rubber.

(I know. It's not very helpful.)

GunnedDownAtrocity
04-11-2003, 09:31 PM
hehe ... i honestly think he's got the two best options listed though. he can get real involved read about it and how to clean it .. or he can be a simpleton like me and say fu ck it wipe everything.

i just recommend yanking the network cable immediately. going to work at an isp, where i'm networked to a good many morons who wouldn't even know they had a virus for weeks, and thinking of what the 2 500lb admins would do to me if that sh it got around has made me a little paranoid. course it's not nearly as bad on dialup.

Laughing Cow
04-11-2003, 09:38 PM
Originally posted by GunnedDownAtrocity
lc ... i've cleaned and moved on before, but if he's got 800 infected files i would just go ahead and format.


I don't know what AV-Soft he is running, or how well it can remove that particular virus.

Theoretically the AV-soft should be able to clean most if not all of those files in 2 or 3 runs.
As for disconnecting from the Net, by now the Virus has already replicated itself onto other machines.

Outlook Express is the pits as 99% of all Viruses are spread via it.

Ditch MS-Soft whenever possible and your system will run faster, smoother and with less problems.

My Company is replacing ALL the windows machines with Linux soon.
:D

Cheers.

GunnedDownAtrocity
04-11-2003, 09:52 PM
I don't know what AV-Soft he is running, or how well it can remove that particular virus.

Theoretically the AV-soft should be able to clean most if not all of those files in 2 or 3 runs.

Norton found it, but it can't repair my files. I deleted the "Old Outlook Express" folders, but I still have roughly 800 infected data files

"Outlook Express is the pits as 99% of all Viruses are spread via it."


you can turn off attachments in oe for morons, but i hear where you're coming from 100%. i personally don't have problems with it, but maybe i have just been lucky. norton has been able to find everything incoming and i simply forwarded it to a couple of our admins with VIRUS in the subject and deleted it.

"Ditch MS-Soft whenever possible and your system will run faster, smoother and with less problems.

My Company is replacing ALL the windows machines with Linux soon."

m$ 0wNz j00 n3wB :)

prana
04-12-2003, 01:09 AM
The AV engine can't remove Nimda. You need to download the cleanup tool that runs as the systems account, get your PC into safe mode and let her rip.

When you think it's finished, reboot your PC and run the tool again to make sure it hasn't re-surfaced. Patch your IE clients, and remove any ActiveX from your IE/OE if you don't need it. Make sure you turn off preview pane on OE and patch your IIS4/5 if you are running it.

O-well. apart from that, fdisk and look for a slackware 9 CD :)

Unstoppable
04-12-2003, 01:33 AM
Oh no man HACKERS SUCK!!!

Who Would create a virus for Any Reason??? ****. That's like making A Frankenstein. Man bad karma.

????

Royal Dragon
04-12-2003, 04:16 AM
Ok, I went to the Norton site, and uploaded their "Update" files. It's cleaning the virus out now, all except about 100 "README" files which I deleted.

Wouldn't you know it, as soon as I was done, some a$swipe sent me another one?

I got two last January while I was building my new system, because I was too much in a hurry to "Check the boards" and did so as soon as it was up instead of taking the time to install the Firewall and Norton, and now two more times in the same day through my E-mail.

I don't even leave my backup drives plugged in anymore. Just in case. I plug them in, do a back up, and unplug them again.

GunnedDownAtrocity
04-12-2003, 04:35 AM
sorry for talking to you like you were a little kid rd .... i didn't know how much you knew and it's the way you got to talk to some of these morons.

glad norton had an update that took care of it ... i just format cause i'm paranoid. plus i do it so much cause i'm anal about game performance i can be back up with all my progs running in under an hour and a half.

prana
04-12-2003, 04:42 AM
you did run the cleanup tool (which is different from the AV updates)?

Anyways, virii have their good points. Without virii, most administrators would not hurry to patch machines for vulnerability. At least, until all your credit cards have been stolen and cleaned out.

Worms like Slammer have no payload except a recurring socket send, and run on the stateless UDP. These sorts of virii, although they caused networks to halt, are a sure sign that some firewall admins and security admins at your local bank have been falling asleep at their desks ...

Hence, apart from the obvious bads, it isn't ALL bad ...

SevenStar
04-12-2003, 05:30 AM
Originally posted by Unstoppable
Oh no man HACKERS SUCK!!!

Who Would create a virus for Any Reason??? ****. That's like making A Frankenstein. Man bad karma.

????

hackers are great. Look at where security is now, because of them.

morbicid
04-12-2003, 07:02 AM
as far as i know it's always much easier just to repartition the hard drive. any attempts to clean out a virus are usually much more painstaking than just starting fresh. and even after you "clean out" a virus there's no guarantee that it's completely gone or that you've corrected the damage it caused. i'm with gunned down att. on this one... porn and music are so easy to replace anyway.

Royal Dragon
04-13-2003, 08:25 PM
Ok, I got it out of my system, but someone E-mailed me two more today. They were different viruses, and my Norton protected me, so I'm OK, but I'm now running my system with one drive permanently disconnected, except for when I do a backup.

I have GIGS! of irreplaceable Tai Tzu research, contacts, lineage history, construction and curriculum makeups and organisations, as well as contacts, addresses, phone numbers, video clips of Tai Tzu families world wide. I can't afford to lose that. It took me close to 5 years to acquire it all.

I won't lose any of the system, but I'd lose all the explanations of what I have in text book manuals and video files. I can't take the chance.

So, does anyone know of any good E-mail clients that are more virus secure than Outlook Express? These are coming in to my system via my E-mail. For a while before, the Moo was trying to hack my system, and sent me several viruses, but once I got my firewall back up, all was cool. Now I'm covered there, but still vulnerable from my E-mail. I don't know if it's them or not, but this is getting damn annoying.

Any thoughts guys?

Laughing Cow
04-13-2003, 08:33 PM
RD.

Incredimail, npop and a host of other 3rd party stuff should set you right.

Go to download.com or a similar site and you will find plenty.

If you only get mail from 1 pop-server ditch IE and go Netscape, Mozilla or Opera.

Most of the soft above are free or very cheap, some don't handle "html tag" mails though.
Which in my Eyes is a good thing.

Also check your settings carefully, some of them allow you to receive the E-Mail, but won't download any attachments till you say so.
This way you can read the mail and decide if you want the attachment or not.

As for securing your Data, get a Zip or MO-drive. if you got CD-R or DVD-R you can make backups to those too.

CD's can hold about 630MB of Data
MO-Drives can now hold 1.2 GB of Data.
DVD's can hold about 4.7 GB of Data.

Cheers.

Royal Dragon
04-14-2003, 03:59 AM
Hi,
Thanks. I'm probably going to go get a DVD because I have enough Tai Tzu research on my system to almost fill one DVD right now. In fact almost 1/3 of my system is Tai Tzu research alone. If I printed it, I'd probably have a phone book sized manual. Most of it is E-mail correspondences that are irreplaceable.
Of course I was also PO'd when my "Naked Girls" file got a virus too. :eek: There was something "Strangely" disturbing about that.

JusticeZero
04-14-2003, 10:21 PM
I use Eudora, it seems to do everything I could really want, and is free so long as I don't mind an ad box in a corner of the screen that I honestly cannot imagine being able to use given the layout of the interface.