httpodbc.dll infected with Nimda

Troy

Distinguished
Sep 26, 2003
694
0
18,980
Archived from groups: microsoft.public.win2000.security (More info?)

please advise...no virus software has yet removed this
stubborn virus, a variant backdoor combining Nimda with
CodeRed symptoms...

C:\httpodbc.dll is infected

C:\inetpub\scripts has 32 infected files

please advise...desperate
 

Troy

Distinguished
Sep 26, 2003
694
0
18,980
Archived from groups: microsoft.public.win2000.security (More info?)

i'm replying to my own e-mail to further describe this problem.

it has infected my inetpub/scripts folder with 32 files that cannot and will not be deleted...is there any advice out there??? a couple of friends tried to delete it from the DOS directory, but also to no avail...i'm stumped and tired of trying...

again, please advise.
troy

"troy" wrote:

> please advise...no virus software has yet removed this
> stubborn virus, a variant backdoor combining Nimda with
> CodeRed symptoms...
>
> C:\httpodbc.dll is infected
>
> C:\inetpub\scripts has 32 infected files
>
> please advise...desperate
>
 

Troy

Distinguished
Sep 26, 2003
694
0
18,980
Archived from groups: microsoft.public.win2000.security (More info?)

again, my own reply to further inform others...ViruScan calls this virus W32/Nimda.s@MM

anyone removed this before?????

"troy" wrote:

> please advise...no virus software has yet removed this
> stubborn virus, a variant backdoor combining Nimda with
> CodeRed symptoms...
>
> C:\httpodbc.dll is infected
>
> C:\inetpub\scripts has 32 infected files
>
> please advise...desperate
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.security (More info?)

I would try to contact your Antivirus vendor ASAP with details. The link below may
help on removing difficult files. Trying in safe mode may also be of help or using a
program such as Process Explorer from SysInternals to try and kill the rouge
rocess. --- Steve

http://support.microsoft.com/?kbid=320081
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml -- also check out TCPView
and Autoruns.

"troy" <troy@discussions.microsoft.com> wrote in message
news:160437E1-5531-4743-A188-09EA594BA26F@microsoft.com...
> i'm replying to my own e-mail to further describe this problem.
>
> it has infected my inetpub/scripts folder with 32 files that cannot and will not be
deleted...is there any advice out there??? a couple of friends tried to delete it
from the DOS directory, but also to no avail...i'm stumped and tired of trying...
>
> again, please advise.
> troy
>
> "troy" wrote:
>
> > please advise...no virus software has yet removed this
> > stubborn virus, a variant backdoor combining Nimda with
> > CodeRed symptoms...
> >
> > C:\httpodbc.dll is infected
> >
> > C:\inetpub\scripts has 32 infected files
> >
> > please advise...desperate
> >