I-Worm.Nimda, I-Worm.Nimda.E, Nimda, Nimda.c, Nimda.d
, PE_NIMDA.A, I-Worm.Nimda, W32/Nimda-A, Win32.Nimda.A
Category: Computer Worm
Europe, North and South America, and some parts of Asia and Australia
18 Sep 2001
Characteristics: [email protected]
is another member of mass-mailing worm family; the only difference is that it makes use of several methods to propagate itself. Reports say that there is no notable increase in its activities due to the re-activation of the emailing routine after its initial ten day sleep period.
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean [email protected]
from your computer.
The method through which this worm propagates itself are the following: it sends itself by email, searches for open network shares, attempts to copy itself to un-patched or already vulnerable Microsoft IIS Web servers, and infects both local files and files on remote network shares. This may steal private information on the compromised computer. This information may lead to the hands of the black market. Confidential email messages and or usernames and passwords can also be sold in the Internet. The worm may also record keystrokes and take screenshots of your computer. It may also steal or change passwords and/or file password, credit card numbers, banking information and personal data.
This program allegedly tries to open up an access point in the system. It is through this access point that an intruder would be able to gain control of the infected computer. According to various reports, after the [email protected]
program has created an access point, the hacker could start tampering with the affected computer. He could further aggravate the security of the system by turning off all of the security applications. It is possible for the intruder to monitor the activities of the user and even read his email messages.