DejaNET Communications - Welcome To Our New Site!

Home  Stock Quotes  Auction  Classifieds Games Special Offers   Web Pages  E-Cards  ISP Alerts  Chat

W32.Nimda.A@mm 
SPECIAL ALERT
September 18, 2001 - MUSKEGON, MI - DejaNET Communications today has been informed of the presence of this new worm which was discovered today.  This is a mass mailing worm, which also spreads via open shares, and a Microsoft Web Folder Transversal vulnerability. The email attachment name seems to be limited to Readme.exe and uses the icon for an Internet Explorer HTML document. The virus contains the string : Concept Virus (CV) V.5, Copyright (C) 2001 R.P.China


More info is available from Symantec's web site:

http://securityresponse.symantec.com/avcenter/venc/data/w32.nimda.a@mm.html

Norton Anti virus will have updated virus definitions available soon.  At this time, there is no means of removal.  In the meantime, DO NOT DOWNLOAD OR OPEN ANY ATTACHMENTS.


UPDATE - September 19, 2001 - MUSKEGON, MI - Norton Anti virus with definitions dated 09/18/2001 now can detect and remove W32.Nimda.A@mm from infected systems.  Update your anti virus definitions immediately. All Windows 95/98/ME/NT and 2000 users are potentially at risk - even those machines not running IIS.  If your subscription has run out, please contact Virtual Concepts ASAP for renewal instructions.  IE 5.0 and 5.5 users are also at risk by simply viewing web pages served from infected IIS Servers.  If your computer has a version of Microsoft's Internet Explorer less than version 6.0 (or is without IE 5 with Service Pak 2 or later installed) you will then need to patch your browser by visiting  windowsupdate.com using your Internet Explorer browser.  Outlook Express and Outlook Users need to apply patches as well as users with IIS running also need to apply some extra patches.  Keep in mind the windowsupdate web site is very overloaded at this time.  We plan on making the patches available from this web page soon.  Windows IIS users may use the banner link at the top of this web page to check your system online.


There are many sites on the Internet being affected by various delays at this time due to the Code Red Worm, New York incident, and now this Nimda Worm.  Please be patient and try again at a later time if you are having bandwidth problems.


Also, just to clarify to anyone who has any doubts, the DejaNET Servers are hosted using Solaris from Sun Microsystems and not Microsoft's IIS, all of our web pages are created using Netscape Composer, and all emails are processed using Netscape Messenger so there is no possible link between our network, web pages, email and passing Nimda.  Nimda is passed by servers running IIS and by Outlook or Outlook Express users.  We have received reports from people in the past who were simply very ignorant and feared visiting our web site or any others discussing viruses/worms.  These pages are simply for YOUR education on how to protect yourself now and in the future and to make our JOB easier by not having to clean up after your mess.


Once again, DejaNET and Virtual Concepts On-Site Security services are available for anyone who cannot complete these tasks on their own at the rate of $65.00 per hour plus .23 cents per mile.  Feel free to contact us if you need help securing your systems and/or network, otherwise, attempt to follow the steps and info links that we have provided here on this web page.

Symantec has also released new info on September 19, 2001 about the worm at this web page with is worth a good reading:

New Analysis of Computer Worm Indicates Additional Destructive Payload - 09/19/2001 Symantec News Release
 

UPDATE - September 20, 2001 - MUSKEGON, MI - Through the strength of our OEM relationship with Microsoft (oh what joy!), we have also made these direct links available for users of Microsoft's Internet Explorer to obtain IE 5.0 or 5.5 updates which can be downloaded here if you are unable to utilize windowsupdate.com:


Microsoft Internet Explorer Critical Updates

Internet Explorer 6 can also be downloaded at this link (although a week or so ago it was recommended not to by most Internet related companies due to various bugs in the program - It might now be a good time to do so simply to rid yourself of any attempted virus/worm infection from the Nimda Worm): 


http://www.microsoft.com/windows/ie/default.asp

MORE INFO AND LINKS:

Virulent Nimda computer worm hits U.S., Asia - InfoWorld/Reuters

NIMDA: The Worst Worm Yet - ZDNet News

Home PCs At Most Risk From Nimda - ZDNet News

NIMDA'S Speedy Attack - Nimda Worm Strikes - TechTV Special Report

How To Avoid The Nimda Worm - TechTV

Microsoft Deflects Charges of Worm Woes - C-Net

New Worm Slows Some Internet Operations - C-Net

Microsoft IIS Patches - (Must Be Viewed Using IE - Microsoft Should Be Slapped With A Wet Razor Noodle For Such Stupidity)
 


 
Last Modified: 09/20/2001
Copyright 2001 DejaNET Communications