|
|
| Immediate Delivery |
 |
| 449 KB |
 |
|
Publisher's description of W32 Nimda Emm Removal Tool
|
|
|
|
Symantec has provided a tool to remove infections of W32.Nimda.E@mm Symantec has provided a tool to remove infections of W32.Nimda.E@mm
This tool is designed to remove infections of W32.Nimda.E@mm. It will not remove infections of W32.Nimda.A@mm. If you need to remove a W32.Nimda.A@mm infection, obtain the W32.Nimda.A@mm Removal Tool.
The W32.Nimda.E@mm Removal tool does the following:
Terminates all processes associated with the virus.
Terminates the Explorer.exe process and relaunches it. The virus injects itself into Explorer.exe, which makes this step necessary. Because of this, you may see the desktop flash (this is expected behavior).
Detects all types of W32.Nimda.E@mm infections. Repairs those files that can be repaired. Deletes .eml, .nws, .doc, and .txt files that have been detected as infected.
NOTE: The tool will not delete .eml files in cases where the extension is not one of the four mentioned above. For example, a file with the double extension .eml.bad will not be deleted. You must manually delete such files.
Repairs the System.ini file by removing the modifications made to the shell= line.
Removes the guest account from the Administrator group and disables the guest account in the Guests group.
Repairs multiple HTML infections.
Returns shared drives and folders to default security settings.
Command-line switches available in this tool:
/NOFIXSHARE - Disables share repair (use of this switch is not recommended).
/NOFIXREG - Disables registry repair (use of this switch is not recommended).
/SILENT, /S - Enables silent mode.
/LOG=[PATH NAME] - Creates a log file where [PATH NAME] is the location in which to store the output of the tool.
/RWPWD=[PASSWORD] - Applies this password to Windows 9x Read/Write Shares
/ROPWD=[PASSWORD] - Apply this password to Windows 9x Read-Only Shares
/MAPPED - Scans mapped network drives.
Once a system has been attacked by W32.Nimda.E@mm, it is possible that the computer has been accessed remotely by an unauthorized user. For this reason it is impossible to guarantee the integrity of a system that has had such an infection. The remote user could have made changes to the system, including but not limited to the following:
Stealing or changing passwords or password files
Installing remote-connectivity host software, also known as backdoors
Installing keystroke-logging software
Configuring of firewall rules
Stealing of credit card numbers, banking information, personal data, and so on
Deletion or modification of files
Sending of inappropriate or even incriminating material from a customer's email account
Modifying access rights on user accounts or files
Deleting information from log files to hide such activities
If you need to be certain that your organization is secure, you must reinstall the operating system, and restore files from a backup that was made before the infection took place, and change all passwords that may have been on the infected computers or that were accessible from it. This is the only way to ensure that your systems are safe. For more information regarding security in your organization, contact your system administrator.
Requirements:
You must have administrative rights to run this tool on Windows NT, Windows 2000, or Windows XP.
|
|
449 KB |
 |
 |
|
| Downloads: |
10 |
Last update: |
Mar 25, 2008 |
| Size: |
449 KB |
Operating System: |
Windows All |
| Price: |
- |
License: |
Freeware |
| You may also be interested in: |
|
W32.Nimda.A@mm Removal Tool 2.0.5 Symantec has provided a fixtool to remove infections of W32.Nimda.A@mm...
W32.Spybot.ACYR Removal Tool 1.44.0 W32.Spybot.ACYR Removal Tool was designed to remove the infections of W32.Spybot.ACYR...
W32.Davs Removal Tool 1.0.0 W32.Davs Removal Tool was designed to remove the infections of W32.Davs...
W32.Pasobir Removal Tool 1.0.0 W32.Pasobir Removal Tool was designed to remove the infections of W32.Pasobir...
W32.Secefa Removal Tool 1.0.3 W32.Secefa Removal Tool is designed to remove the infections of W32.Secefa.A, W32.Secefa.B, W32.Secefa.C and Trojan.Gamqowi...
|
|
| More to Try |
PC Washer is a powerful system cleaner that allows you to remove space wasting junk files from...
Parallels Desktop 3.0 for Mac provides the best solution to enable Apple users to run Windows,...
STOPzilla Anti-Spyware safely detects and removes Spyware, Adware, Popup Ads, Phishing Attacks,...
KriptoDrive 2007 Makes your documents truly safe, so nobody can read them or manipulate them...
EasyClone 2008 Technician is the complete solution to backup your hard disk. It copies the entire...
PictureImp is the world's first "Zero-Click" web image downloader. You will definitely love...
|
|
