What is it?

Officially called W32/Nimda@MM, The “Nimda” worm (formed by spelling Admin backwards), is infecting a large number of people on the Internet.  Though the virus can spread quickly, its threat is not too great.  Its main objective is to slow down Internet traffic; it does not perform anything malicious on computers such as corrupt files.  Also, it affects only PC users who are running the Windows Operating System.  It is, however, a clever virus, and can spread numerous ways:

1)  Anyone who opens or even previews an e-mail with the infected file attached is automatically infected.  If the computer user uses Microsoft Outlook, the virus will send itself to everyone in that user’s Address Book.

2)  The virus can attack “back doors” in web servers, and possibly even get into webpages.  If a computer user visits one of these infected webpages, they too will be infected

3)  If one machine on a network is infected, this computer will look for other systems that it has access to and infect them also.

How do I know if I Have the virus?

First, if you are a Macintosh user, you cannot get infected.  Only PC’s running any version of Microsoft’s Windows Operating System are vulnerable.  Now, to determine what virus patch you need, follow these steps:

– Go to the start menu and click run, then type in: winver
This screen will tell you which operating system your computer is running.  Proceed to the next section to find out what to do.

How can I Fix or Protect My Computer?

If you are a home user who has the Windows 95, 98, ME or XP Home Operating System, follow these steps:

Click Here to go to the Microsoft Site where your patch is listed.  The next screen will ask you what version of Internet Explorer you have.  To determine this, click on the Help menu in Internet Explorer, and choose About.  If your version of Internet Explorer version is 6.0, then you need not worry about the patch because you are already protected.

Once you have clicked on the appropriate link based on which version of IE you have, click the “Download Now” button or the “Security Update” hyperlink on the screen that comes up.

On the next screen, make sure that the bubble for “Save this program to a disk” is marked, as shown below:

Then click OK and select a directory in which you want to download the file (make sure you remember which directory you select!).

After the download is complete, go to My Computer and browse to the directory where you downloaded the file and double-click it to open it. Follow the onscreen instructions to complete the installation. Once the installation is complete, restart your computer (goto Start Menu, click Shut Down, and select the “Restart” option.)

If you are an business user who has the Windows NT, 2000, or XP Professional Operating System, follow these steps:

1)  See Step 1 from the home user section above.

2)  For extra protection, you may wish to download the Microsoft Personal Security Advisor.  This will help ensure that your system is securely configured

If you are a Network System Administrator with Servers running Windows NT, 2000, or XP follow these steps:

1)  First, download the patch that protects your system from the “Web Server Folder Traversal” vulnerability, and which also guards the backdoor exploited by the Code Red VirusClick Here to download your particular fix.

2)  For extra protection, you may wish to download the Microsoft Personal Security Advisor.  This will help ensure that your system is securely configured.


After the computer is finished restarting, you are completely protected from the virus and your system is clean of the worm. Congratulations. Now you don’t have to be a part of the media hype, so just sit back, relax, and watch those other ignorant ones suffer… If would like to be a good, considerate citizen, you can send an e-mail to your friends about this site; the address is www.isaleh.com/Nimda

There’s your good deed for the day, it’s as easy as that. And in addition, won’t your boss be happy that one of his own subjects is doing something beneficial for the company? Oh yes…

Thank you for visiting this page. Please Click Here to give me some feedback on this tutorial and if you get a chance, check out my main page atwww.isaleh.com

Ahh yes, and if you just want to make sure that you weren’t affected by the last big virus that hit (Code Red Worm), click here to go check out my tutorial on that one.

And here are some additional resources that you can check to complement this page:

Microsoft – Info on Nimda Virus

CERT Coordination Center



Central Command

Computer Associates



Kaspersky Labs

Panda Software

Network Associates



Symantec Security Response

Trend Micro

Happy virus cleaning!