Preventing the Nimda Worm
The Nimda worm is spreading across the Internet, and could cause more damage than the Code Red worm of a few months ago.
This How-To Article explains what this worm is, what it does, and what you can do to prevent it.
Preventing the Nimda Worm
Description of the Nimda Worm
The Nimda worm is spread not only through E-mail, but through the web. Also, infected computers can spread the virus to other computers via LANs and the Internet.
Basically, the Nimda worm is received one of several ways:
E-mail - This is the most common way your computer can be infected by this worm. The worm arrives in your Inbox as an attachment, an empty body text, and a randomly chosen subject line. Depending on how your E-mail program is configured, the worm may open itself, without you needing to open the attachment.
Web - If an infected computer is a web server, the worm attempts to modify every web page which the server serves. Therefore, when you visit one of these pages, you may be prompted to download a file, which is actually infected with the worm.
What does it do?
If your computer is infected with the worm, the following is usually caused:
1. The worm retrieves every E-mail address contained in any message in your Outlook or Outlook Express Inbox. It will also extract any E-mail address links contained in HTML E-mail, as well as your Address Book.
2. The worm will then send itself to every one of the E-mail addresses it just gathered.
3. The worm scans for IP addresses of vulnerable IIS (Internet Information Services) servers. If it finds one, it will try to infect the server with the virus, in turn causing all of these events to repeat from the server which was just infected.
4. Worm code is added to .EXE files. (.EXE files are any executable program on your computer. Example: Microsoft Word, Internet Explorer, Microsoft Excel.)
5. If you are connected to a LAN, the worm will copy itself to any shared drive which the computer user has permission to access, therefore infecting the computer which physically owns the shared drive.
6. The worm takes up extreme amounts of hard drive space, potentially filling up your entire hard drive and making your computer impossible to use.
As these events are being carried out, your Internet speed will decrease, as the worm is constantly looking for vulnerable IIS servers to infect.
What can I do to prevent it?
Everyone who uses a computer needs to take an active role in preventing this worm from spreading. Every computer can possibly be infected with the worm, and one infection can spread quickly across networks.
If you use IIS, the download this patch from Microsoft.
We recommend upgrading to the latest version of Microsoft Internet Explorer. This will fix the "automatic execution of MIME types" vulnerability. Just go to: http://www.microsoft.com/ie for the latest version.
Don't open attachments. Many viruses are spread by E-mail, and can usually be prevented just by not opening the attachment and deleting the message immediately.
Update your virus scan software. Virus protection software companies are constantly at work trying to provide the best in virus protection for your PC. Thousands of viruses are discovered each month, and your virus scan software can't catch them if they don't know about them.
Books on Computers
Choosing a Cell Phone and Rate Plan - General Articles
Stopping Unwanted E-mail - General Articles
Learn about Cookies - Microsoft Windows
HotSync Timeout Errors - Palm OS
Also from Computertim Technologies
Thoughts on Internet Advertising - an interactive opinion essay by Tim Rooney.
Post your opinions on technology and get free computer help in the forums.
Tired of AOL? Try Juno for half the price of AOL.
Shop for the best deals online at our shopping site.