Nimda Detection & Clean

Nimda Detection & Clean crack / serial

Nimda Detection & Clean is a lightweight and useful tool that was designed in order to help you erase the dangerous [email protected] and [email protected] viruses.

This virus comes through e-mail as an attached file, with the body of the mail apparently empty but which actually contains the code to use the IFRAME exploit which will execute the virus when the user just view the message (if he is using Outlook or Outlook Express without latest Service Packs or patches from Microsoft). Once installed it copies itself in the system directory with the name riched20.dll modifying itself to be loaded as a DLL (Dinamically Link Library). This DLL is used by applications that work with Richedit Text Format such as Wordpad.

Nimda Detection & Clean

Download Nimda Detection & Clean crack and serial

 

To be activated at every reboot, the virus modifies system.ini in the boot section, writing the following line:

shell=explorer.exe load.exe -dontrunold

The virus attaches a thread to explorer.exe to run its viral code.

To spread it uses MAPI (Mailing API) functions to read user's e-mails from where it extracts SMTP (Simple Mail Transfer Protocol) addresses and e-mail addresses.

Another method to spread is by using the Unicode Web Traversal exploit similar to CodeBlue.

Using this exploit the virus gets control of the execution flow on that server and download itself under the name admin.dll, then puts a HTML code in the web page hosted by the IIS server to download the virus. To do this it tries to modify the files with the name:

index, main, default

and with the extension one of:

.html

.htm

.asp

Also the virus enumerates the network resources visible to the infected computer and tries to copy in shared files or folders.

The virus is able to infect files by attaching the executable as a resource with raw data named f in the virus program. When the infected file is executed the virus takes over the control and executes the original file so the user doesn't notice anything. This is accomplished by dropping that f resource in a file with the same name as the original but with a space appended, followed by .exe.

The virus activates the user guest with no password and add it to the Administrator group. Also it creates a share for every root directory (from C to Z) with all access rights, and disables the proxy by modifying the keys:

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet SettingsMigrateProxy with the value "1"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet SettingsProxyEnable with the value "0"

HKEY_CURRENT_CONFIGSoftwareMicrosoftWindowsCurrentVersionInternet SettingsProxyEnable with the value "0"

Leaving the library riched20.dll not deleted will reactivate the virus when a program using this library is executed.

Released: Aug 3rd 2010 Rating: 4.6
Size: 240 KB Downloads: 4941
Systems: Win All

User replies

18 August 2018, Abel said:

Gracias por Nimda Detection & Clean serial

20 June 2018, manuela said:

terima kasih untuk keygen untuk Nimda Detection & Clean

Leave a reply

Your email will not be published. * Required fields

Website search

Recently updated

Ivrol Removal Tool Ivrol Removal Tool This application fights off the Ivrol virus
CodeRed Detection and Removal Tool CodeRed Detection and Removal Tool A simple and effective way of erasing the CodeRed malware
Holar Removal Tool Holar Removal Tool An effective way of cleaning the Holar malware

Software News

Jul 11
Online virtual worlds can help social movements raise awareness and create safe spaces for their members, according to a new study by an academic at the University of East Anglia (UEA).
Jul 8
The core idea of the team headed by Magdeburg project leader, Professor Dr. Mesut Güne is to develop the self-organizing migration of services. This means that the services-such as home automation, data management, and ...
Jun 27
Video game publisher Electronic Arts has tightened some openings cybersleuths found in its Origin online network that could have exposed more than 300 million video game players to identity theft and account losses.
Jun 26
Achieving a good signal-to-background ratio in neutron scattering experiments is a crucial factor in instrument and sample environment design. However, in current Monte Carlo simulation software, not all neutron interactions ...
Jun 25
Apple will unveil new iPhones in September, assuming the company sticks to its usual playbook. The fall timeframe is also when Apple officially releases the latest flavor of iOS, the software that will not only be at the ...
Jun 19
How would you and your neighbours triple the number of households in your street block in order to keep your cherished suburb thriving and do your bit to tackle urban sprawl? You have a number of choices to make. Where do ...
Jun 16
From the Zen capital of LA to the Champs Elysees comes the calming voice of a British Buddhist monk-turned entrepreneur, introducing American-style online mindfulness to the stressed-out French.

About us

Welcome to new crack resource CrackDownloadz.com! Our service can generate cracks, keygens and serials for your software to unlock it. CrackDownloadz provides a lot of popular cracks and keygens. No spyware and adware at all, just download new cracks, keygens and serials. If you have a software that needs a crack feel free to contact us.

Also you may contact us if you have software that needs to be removed from our website.