« previous next »
Pages: [1]   Go Down

Author Topic: Win32:Nimda[drp]  (Read 6037 times)

0 Members and 1 Guest are viewing this topic.

petrus

  • Guest
Win32:Nimda[drp]
« on: October 06, 2004, 12:04:28 AM »
 This virus is in my system volume information according to the Avast thorough scan. What is it and how to get rid of it? Avast seems to be unable to remove or to delete it.
Logged

whocares

  • Guest
Re:Win32:Nimda[drp]
« Reply #1 on: October 06, 2004, 12:06:36 AM »
Hi,

please read the link "VirusRemoval" below in my sig and follow the link/howto for disabling RESTORE; after a reboot, the file/alert will be gone

Also please secure your system/browser/Email-Client better..  ;) ;)

P.S.: Some info on Nimda:
http://www.avast.com/eng/viruses/older_windows_viruse/win32nimda.html  
 VGREP
--> follow the red links to Trendmicro, symantec, mcafee
« Last Edit: October 06, 2004, 12:15:40 AM by whocares »
Logged

petrus

  • Guest
Re:Win32:Nimda[drp]
« Reply #2 on: October 06, 2004, 08:26:53 AM »
 Thanx for advice but unfortunately that was all Greek to me. I don't understand anything about computers. Is the virus very dangerous (doing great harm to my computer)? If Avast can't remove it for me then it stays there. I cannot remove it myself according to Greek instructions. ::)
Logged

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31079
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re:Win32:Nimda[drp]
« Reply #3 on: October 06, 2004, 09:02:03 AM »
Quote
This virus is in my system volume information
Looks to me this is one those detections caused by system restore.

- Disable system restore (INFO)
- Reboot
- See if the problem is solved.
Logged

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11855
    • AVAST Software
Re:Win32:Nimda[drp]
« Reply #4 on: October 06, 2004, 09:29:30 AM »
Eddy is right, the file cannot be accessed because it's protected by the operating system. Disabling system restore should help.

In any case, you don't have to worry about the file. Nimda [Drp] is a small piece of code that Nimda worm appends to HTML files. The purpose of this code is to activate the real Nimda worm that should be placed in the same directory. Without the real Nimda worm body (which is probably your case), the code is not dangerous.
Logged

petrus

  • Guest
Re:Win32:Nimda[drp]
« Reply #5 on: October 06, 2004, 10:05:56 AM »
 Thanx for the kind advice guys, the only problem now is that the page(INFO) tells  how to do it when it's Windows Millennium not Windows XP which is what i use. I need clear instructions otherwise i'm lost. :o
Logged

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31079
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re:Win32:Nimda[drp]
« Reply #6 on: October 06, 2004, 10:22:06 AM »
Sorry copied the wrong ms-kb, here is the correct one.

http://support.microsoft.com/default.aspx?scid=kb;%5BLN%5D;310405

ps: you could ofcourse have looked in the build in help in XP ;)
Logged

petrus

  • Guest
Re:Win32:Nimda[drp]
« Reply #7 on: October 06, 2004, 10:40:48 AM »
 Many thanks to you both. Can't help feeling blonde as far s computers are concerned :o ??? It seems the problem is solved. ;D
Logged
Pages: [1]   Go Up
« previous next »