Anti virus software
Download free anti virus software Anti virus software information Order anti virus software (US$ 29.95)
Protector Plus
Anti virus software for

 Windows
 (XP, 2000, 2003, NT, Me, 98, 95)

 Exchange
 
 NetWare











Download Antivirus software

W32/NiceHello Worm

Information about the W32/NiceHello Worm:

W32/NiceHello is a mass mailing worm. This worm will infect Windows systems. It spreads using the email addresses present in the MSN Messenger contact list.

The Subject, Message body and the attachment of the worm will be any one from the following sets.

Set 1:

Subject: Actualizacion de programa
Message body: Recien puedo enviarte la actualizacion, es que tuve mucho trabajo, recuerda que es solo para vos
Attachment: Actualizacion.exe

Set 2:

Subject: Animaciones en flash de nuestros politicos
Message body: Mira las animaciones sobre la clase politica del pais, recuerda que es solo para vos
Attachment: Politicos.exe

Set 3:

Subject: ahora el juego va a funcionar
Message body: El parche para el juego que mas te gusta, esta comprimido, recuerda que es solo para vos Attachment: ParcheJuego.exe

Set 4:

Subject: Codigo fuente
Message body: Hola, te mando el codigo fuente que te prometi, esta comprimido; ya sabes esto es solo para vos!!. Saludos
Attachment: Codigo.exe

Set 5:

Subject: Datos ultimo trimistre
Message body: Los datos del ultimo trimestre esta en el archivo adjunto, estan comprimidos, recuerda que es solo para vos
Attachment: Datos.exe

Set 6:

Subject: Fotos ultima fiesta
Message body: Hola, como estas, te mando las fotos de la ultima fiesta, por cierto tienes una cara!!!. , recuerda que es solo para vos. bye
Attachment: Fotos.exe

Set 7:

Subject: Mis primeras animaciones
Message body: Te mando la primera animaci n en flash sobre nuestros amigos; espero tus comentarios, recuerda que es solo para vos
Attachment: Animacion.exe

Set 8:

Subject: parche
Message body: El parche del programa que me pediste. Cualquier cosa estoy para ayudarte. recuerda que es solo para vos
Attachment: Parche.exe

Set 9:

Subject: Presentaciones PowerPoint
Message body: Las presentaciones en power point que tenia que mandarte, estan comprimidas en el archivo adjunto, recuerda que es solo para vos
Attachment: Presentaciones.exe

Set 10:

Subject: Video de la ultima reunion de amigos, recuerda que es solo para vos
Message body: Hola, te mando el video de la ultima fiesta, no se ve muy bien pero algo es algo, recuerda que es solo para vos
Attachment: Video.exe

Upon execution of the infected attachment, it displays a message box with the following content.

Just In Time Debbuger
Microsoft Windows XP or greater required!

After this, it creates modifies the Windows registry at the following location to load itself each time Windows is restarted.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\

The worm tries to copy a file, Sys64dvr.exe to c:\windows\system or c:\winnt\system32 folder.

Due to a bug in the worm code the worm copies itself as c:\windows\systemSys64dvr.exe or c:\winnt\system32Sys64dvr.exe.

Later on, using its own SMTP engine, it attempts to mail itself to all the email addresses found in the MSN Messenger contact list. It also mails the login information of MSN Messenger to the virus writer.

This worm first appeared on 11th March 2003.

Other names of W32/NiceHello worm:

This worm is also known as W32/Nicehello@MM, W32/Nicehello-A, WORM_NICEHELLO.A

Click here to download a 30 day Evaluation Copy of
Protector Plus anti virus for your operating system

About Protector Plus Anti virus Software Packages:

Proland Software is the developer of Protector Plus range of anti virus software packages. Protector Plus anti virus is available for Windows XP, Windows Me/98/95, Windows NT/2000/2003 servers and workstations, MS-Exchange 2000/2003, MS-DOS and NetWare servers.

Protector Plus range of anti virus products offer on-line virus detection and removal. All the packages have the ability to detect and isolate all types of viruses, trojans, worms and other types of malware. Protector Plus antivirus software can detect and remove W32/NiceHello worm reliably.

These products are updated on a continuous basis and the latest upgrades for all the platforms are made available for downloading from this site.

You can download the 30 day evaluation copy of
Protector Plus anti virus software free of cost for these platforms:

Windows | Exchange | NetWare

Download free anti virus software | Anti virus software information | Order anti virus software

Copyright © 2004 Proland Software. All rights reserved.


Download Antivirus software