|
| Download free anti virus software | Anti virus software information | Order anti virus software (US$ 29.95) |
| Protector
Plus Anti virus software for Windows (XP, 2000, 2003, NT, Me, 98, 95) Exchange NetWare  |
Win32/Nimda.A WormInformation about the Win32/Nimda.A Worm:Nimda is a mass mailing email worm. This
worm will infect Windows systems as well as computers installed with IIS
servers. Nimda also spreads over network shares. The worm arrives with a random subject carrying an invisible attachment readme.exe. The content of the mail will be blank. When the infected mail is opened or previewed under Microsoft Outlook or Microsoft Outlook Express, the worm gets activated and tries to propagate in different modes. The worm copies itself into Windows System folder as LOAD.EXE. Later on the worm modifies SYSTEM.INI by adding a line Shell=explore.exe load.exe -dontrunold to activate itself during next windows startup. It copies itself as ADMIN.DLL under root of windows installed drive. The worm then modifies .HTM, .HTML., and .ASP files on the local drives with JavaScript that causes readme.eml, created by the worm to be loaded by Internet Explorer(ver. 5.1 or above) and Outlook Express. The worm overwrites MMC.EXE with itself and infects the exe files, entries present under the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths It replaces the original Riched20.DLL file with worm infected riched20.dll. The worm gets executed whenever Microsoft Word application is activated. After this the worm tries to spread through the network shares by infecting .EXE files and by overwriting .NWS and .EML files. It creates a network share with no password on all the local drives of the infected computer. This would allow easy propagation of worm across network. It mails itself to email addresses present in .HTM and .HTML files of local computer, it also spreads using email addresses under MAPI messages of Microsoft Outlook and Microsoft Outlook Express. This worm first appeared during September 2001. Other names of Win32/Nimda.A worm: This worm is also known as W32/Minda@MM, Troj_Nimda, Code Rainbow, Minda, Nimbda Removing
Win32/Nimda.A worm from your computer: Protector Plus anti virus for your operating system |
Proland Software is the developer of Protector Plus range of anti virus software packages. Protector Plus anti virus is available for Windows XP, Windows Me/98/95, Windows NT/2000/2003 servers and workstations, MS-Exchange 2000/2003, MS-DOS and NetWare servers.
Protector Plus range of anti virus products offer on-line virus detection and removal. All the packages have the ability to detect and isolate all types of viruses, trojans, worms and other types of malware. Protector Plus antivirus software can detect and remove Win32/Nimda.A worm ����������������������������������������������������������������������������������������������������������reliably.
�These products are updated on a continuous basis and the latest upgrades for all the platforms are made available for downloading from this site.
You can download the 30 day
evaluation copy of
Protector Plus anti virus software free of cost for these platforms:
Windows | Exchange
| NetWare
Download free anti virus software | Anti virus software information | Order anti virus software
Copyright © 2004 Proland Software. All rights reserved.
