Nimda.A Virus!

How do I figure out which version of IE I have?

>> How do I figure out which version of IE I have?

Just like with any Win program: on the top menu click help / about.

I figured that out right after I got my post here-d’oh!

Silly me. I have 5.5…I’m still so confused though…

  • Install the patch for this hole
  • Configure OE to not run scripts as explained above
  • Don’t “open” executable attachments
  • Eat lots of vegetables and fiber
  • Floss often
  • Don’t drink and drive
  • etc

Thanks, Sailor. Do I just download it into my Windows folder?

One thing I have read is that this specific virus - nimda.a - does not affect Internet Explorer 6. I have been running IE 6 since it was released a few weeks ago, and have had no problems with this version so far (other than the quicktime thing, but there’s a patch for that). It might be a good time to upgrade now, if you were thinking about it already.

I believe this virus exploits that hole mentioned which exists only in the two versions mentioned of IE/OE and would not affect earlier or later versions. For those two versions there has been a patch for quite a while … the problem is most people do not keep their patches up to date.

Guinastasia, I have not installed any patches in a while now but I assume if you just click on the link you should get the necessary directions on how to do it. If you have to download and run a file, then I would put it in the TEMP folder and you can delete it once it has installed the patch. It really should be pretty simple.

Thanks.

I’m sorry to keep bugging you guys, but I am just so CLUELESS when it comes to this sort of thing. And the information pages don’t help much.

I searched for the Admin thing, and didn’t find it, so I’m ASSUMING I don’t have it…yet.

BUT, if I download this patch, will it prevent the virus from happening, or if the virus is secretly there, will it fix it?

Okay,
I downloaded the patch. Before I did so, I checked BOTH my C AND D drives for the admin file and did not find a thing.

When I went to INSTALL the patch, it told me device does not need to be installed on this system, or something like that…huh?

The admin.dll file will only show up in root directories of your hard drive partitions (C:, D:, E:, etc…) and should only show up if you are running an IIS web server. Any other admin.dll files (if any are present) are likely legitimate files.

Regarding the patch for Internet Explorer 5.x, it just patches a security hole in the web browser that allowed things to automatically download and run in the background without asking the user first. If you’re already infected, patching won’t clean up or stop the virus.

For most workstations (Windows 95, 98, ME, NT 4, 2000), the telltale signs of a Nimda infection are the presence of a load.exe file in your C:\Windows\System directory (load.exe will be a hidden file), the calling of load.exe in the System.Ini in your C:\Windows folder (the line in System.ini will read: shell=Explorer.exe load.exe -dontrunold), and the presence of a large number of files with EML and NWS extensions.

Various antivirus software vendors have released free utilities that will detect Nimda on your system, and eradicate the virus if it is found. Symantec’s can be found here:

NAI/McAfee’s is here:

http://www.mcafeeb2b.com/naicommon/avert/avert-research-center/tools.asp#NimdaScn
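The workstation signs and the root-level admin.dll check listed in the post above, as an added Python example that is not part of the original thread. It assumes the drive (or a copy of it) is reachable at a path you pass in; the function names and the `many_files` cut-off of 20 are assumptions, since the post only says "a large number".

```python
import sys
from pathlib import Path

def find_ci(parent, name):
    """Case-insensitive child lookup; FAT and NTFS file names ignore case."""
    if parent is None or not parent.is_dir():
        return None
    for child in parent.iterdir():
        if child.name.lower() == name.lower():
            return child
    return None

def shell_line_suspicious(system_ini_text):
    """True if a shell= line in system.ini also launches load.exe."""
    for raw in system_ini_text.splitlines():
        key, sep, value = raw.strip().partition("=")
        if sep and key.strip().lower() == "shell" and "load.exe" in value.lower():
            return True
    return False

def check_nimda_indicators(drive_root, many_files=20):
    """Check one drive (or a mounted copy of it) for the signs listed in the post.
    many_files is an assumed cut-off; the post only says "a large number"."""
    root = Path(drive_root)
    windows = find_ci(root, "Windows")
    system_ini = find_ci(windows, "system.ini")
    ini_text = system_ini.read_text(errors="replace") if system_ini else ""
    mail_files = sum(1 for p in root.rglob("*")
                     if p.is_file() and p.suffix.lower() in (".eml", ".nws"))
    return {
        "load_exe_in_system": find_ci(find_ci(windows, "System"), "load.exe") is not None,
        "system_ini_shell": shell_line_suspicious(ini_text),
        # Only the partition root counts; admin.dll elsewhere is likely legitimate.
        "admin_dll_in_root": find_ci(root, "admin.dll") is not None,
        "eml_nws_count": mail_files,
        "many_eml_nws": mail_files >= many_files,
    }

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for name, value in check_nimda_indicators(target).items():
        print(f"{name}: {value}")
```
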

I did the system.ini thing, and it worked. I didn’t have the dontrun thing in Shell. Whew!!!

Once again, thank you for being so patient with me-when it comes to Viruses, I’m EXTREMELY ignorant.

You shouldn’t have to do anything to your system.ini. The line should just say “shell=explorer.exe”. The “load.exe -dontrunold” is something that the virus puts there! If you don’t have that, it means you don’t have the virus.

Exactly. I meant, I ran system.ini, to check, and didn’t have it.

I have the patch, and feel much better now.

Glad to hear it - carry on :)

Don’t want to start another thread so I’ll ask here.

First of all I HATE THIS THING!!!

OK

After spending two days battling it I think I have got it under control. I am a systems analyst, not a computer MIS person, but I am all the company has got at the moment.

I have upgraded all the computers to the second version of IE 5.5. I have downloaded the patch from McAfee.

I have done the system.ini to make sure the script is correct so I don’t get that load error.

I have enabled all the McAfee scans and I noticed the scans if I try to go into an infected file will catch it.

Our network drives have been scanned.

Now is this the end? Our company recently cut back people to 32 hours and laid people off due to the economy so we don’t have an MIS guy full time, only on call once a week.

Is this enough? The thing that concerns me is I have scanned all the drives I know and STILL when I run my computer it will come up with the bug being shaken. So that must mean it is somewhere, right?
I am able to delete it immediately and my computer runs fine except for the occasional bug comes up and I delete.
Our company stopped our internet so no one has it. So we can’t be getting it there.

We still are getting email thru corporate.

The MIS guy comes in next week to fix it right, but any other ideas, or should this hold it?

Thanks

Thanks Sailor- that was very helpful. As regards versions of IE, if you go here it will tell you what patches are available for your version. It will also enable you to update to IE 6- I’ve been using it since it was a beta version some months back and I have had no problems (which is unusual). Also, it is worthwhile to enable “critical updates” so you are advised when a patch is available.

:wally

Markxxx…

Here’s what I did.

McAfee has a fix that you can put on a floppy. You can find a link to it on their main page. That was easier than doing a whole virus scan because it only searches for that.

I told everyone to go to lunch for about an hour. I first ran the patches for IIS. I disconnected all their computers from the network, disconnected the servers from the network and shut down the internet. That way, I had 9 independent machines with no connection to each other. I ran that fix on each machine at the same time, it took about 15 minutes. I ran it again, just to be sure. Then I plugged the servers back into the network. Did a check on those. Plugged the PCs back to the network, had everybody log in, and checked again. I waited about 30 minutes and no one had it, so I turned the internet back on.
You may be making the mistake I made, I kept the computers connected while scanning and fixing and it would just reappear. I would disconnect everyone from the network, then scan and fix. Only connect everyone once you are sure they all are free.

And here’s the site I forgot to include: http://windowsupdate.microsoft.com/

As I have said in the past, I have never used antivirus software (they seem to cause more trouble than they’re worth) and I have never had a virus infection.

I realise when you have several people sharing computers it is more difficult to maintain discipline but I do not have this problem as I am the only one who uses it. Never had a virus problem.