Notices

NSC-040127: W32.Novarg.A@mm Removal Instructions

The IT Security office has determined the best method to remove the W32.Novarg.A@mm (also called "Mydoom" and "Mimail.R") virus. If you follow these steps, you should be able to remove the infection.

  1. Run LiveUpdate so that the anti-virus definitions are AT LEAST January 26, Revision 24.
  2. Restart the computer. After the reboot, the anti-virus software will catch the virus BEFORE it starts and will be able to quarantine it.
  3. Do a full system scan to remove any additional infected files.
  4. Insert the following file into your registry; it will remove the registry entries that were inserted by the virus: http://www.its.uiowa.edu/cs/helpdesk/virus/novargregfix.reg

These steps should remove the virus from any infected machine. The IT Security office is also currently sending notices to the NSC building lists indicating infected machines. If you receive one of these notices, you will need to follow these steps to clean the machine.

Copyright © 2005 The University of Iowa. All rights reserved.