Thread: Nimda

  1. #46
    Has a Masters in B.S.
    Join Date
    Aug 2001
    Posts
    2,263
    well if you're logged in as admin... it's not permission violations, it may be in use but that shouldn't stop it... possibly cause it's a system file.

    try hitting Ctrl+Shift+Escape and see what's running under your user name. look for said .dll or what not. anything that says 'you' under user name other than explorer.exe, devldr32.exe, and taskmgr.exe can be killed, just don't kill any system or Local/Network services. you may not want to kill IEXPLORER.exe cause it's internet explorer.

    and i doubt this will work unless you have permissions to the file but this will make it non system/hidden/readonly/etc.

    #include <windows.h>
    #include <stdio.h>

    int main()
    {
        // 0x00000080 is FILE_ATTRIBUTE_NORMAL: no read-only, hidden or system bit set
        unsigned long fa = 0x00000080;
        ::SetFileAttributesA("C:\\whateverdir\\admin.dll", fa);
        // check to see if it worked
        fa = ::GetFileAttributesA("C:\\whateverdir\\admin.dll");
        printf("%lx\n", fa); // should print 80 (0x00000080)
        return 0;
    }
    ADVISORY: This user's posts are rated CP-MA, for Mature Audiences only.

  2. #47
    Anti-Terrorist
    Join Date
    Aug 2001
    Posts
    742
    When I run the program it prints the number 21 but nothing changed. I still can't set permissions. What does 21 mean?
    I compile code with:
    Visual Studio.NET beta2

  3. #48
    Has a Masters in B.S.
    Join Date
    Aug 2001
    Posts
    2,263
    21 means it's Read Only and Archived.

    so... let me get this straight

    you're logged in as Admin.
    you can't change permissions.
    you didn't see it used in the taskmanager.
    it's not system.
    you have no access to the file...

    right click on the file, go to properties -> click the security tab

    1. Are there any names/groups under 'Groups or user names:'?
    2. Could you list what's running under processes in the task manager?

    and i must ask, are you sure this file is bad? i have it on my sys and i don't have 'nimda'
    Last edited by no-one; 09-20-2001 at 12:58 AM.
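
An added example, not part of any post in the thread: it decodes the hex value that the posted program prints (0x21 here) and checks whether the requested 0x80 actually took effect. The helper names `decode_attrs` and `check_set` are hypothetical, and the Win32 attribute values are copied inline so the code builds without `<windows.h>`.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Win32 FILE_ATTRIBUTE_* bit values, copied here so this builds without <windows.h>. */
static const struct { uint32_t bit; const char *name; } ATTRS[] = {
    {0x0001, "READONLY"},  {0x0002, "HIDDEN"},  {0x0004, "SYSTEM"},
    {0x0010, "DIRECTORY"}, {0x0020, "ARCHIVE"}, {0x0080, "NORMAL"},
};
#define INVALID_ATTRS 0xFFFFFFFFu /* value GetFileAttributes returns on failure */

/* Write the flag names set in mask to out, '|'-separated.
   Returns the bits that are not in the table above. */
uint32_t decode_attrs(uint32_t mask, char *out, size_t n)
{
    uint32_t unknown = mask;
    size_t i;
    if (n == 0) return mask; /* no room to write anything */
    out[0] = '\0';
    for (i = 0; i < sizeof ATTRS / sizeof ATTRS[0]; i++) {
        if (!(mask & ATTRS[i].bit)) continue;
        unknown &= ~ATTRS[i].bit;
        if (out[0]) strncat(out, "|", n - strlen(out) - 1);
        strncat(out, ATTRS[i].name, n - strlen(out) - 1);
    }
    return unknown;
}

/* Compare the requested attributes with the value read back afterwards.
   0 = the set took effect, 1 = attributes differ (the set did not apply),
   2 = the read-back itself failed. */
int check_set(uint32_t requested, uint32_t readback)
{
    if (readback == INVALID_ATTRS) return 2;
    return readback == requested ? 0 : 1;
}

int main(void)
{
    char names[64];
    uint32_t readback = 0x21; /* the value reported in the thread (printed with %x) */
    decode_attrs(readback, names, sizeof names);
    printf("0x%02x = %s, check_set = %d\n",
           (unsigned)readback, names, check_set(0x80, readback));
    return 0;
}
```

File attributes are stored separately from the access control list shown on the Security tab, so a read-back that differs from the request says the attribute change was not applied, not what the ACL contains.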

  4. #49
    Witch_king's puppet
    Join Date
    Aug 2001
    Posts
    20
    Maybe it's not bad. I might be confused because Nimda is Admin spelled backwards. I guess it's a good file.

    Okay then tell me what happens when you press the security tab. Does it give you a message:
    You do not have permission to view the current permission setting for Admin.dll, but you can make permission changes.
    >>1. Are there any names/groups under 'Groups or user names:'?<<

    No, it is blank.

    I can set and change permissions with other files but not this one. I guess I should leave this one alone. It must have some other purpose. The W32/Nimda virus drove me insane. I think I was able to get rid of most of it but it's not an easy virus to defeat. Okay I'll leave the Admin.dll file alone. Anyway, thanks for the help. I didn't know how to log in as administrator but your solution worked. I need to read up on a professional operating system, but I have not had a great chance to do it yet. In fact it involves a lot of reading it seems. There are many books on Win2k for example. A person has to learn 1000 things before he can become proficient running a computer. I'm still peeved about virus writers. I don't think anyone will be able to stop them and it is likely going to be a huge problem in the near future. Your Linux solution might be the best after all, hard to tell.
    I'm A Farmer

  5. #50
    Registered User rick barclay's Avatar
    Join Date
    Aug 2001
    Posts
    835
    >Rick, even if your machine runs Linux, it's still vulnerable to thousands of computers bombarding it with compromise requests. Did you have unusual amounts of traffic?<

    No. I haven't even listed my site with the search engines.
    Last one to visit my site before it was struck was govt
    cheese, so he's my main suspect.

    rick barclay
    No. Wait. Don't hang up!

    This is America calling!

  6. #51
    Mayor of Awesometown Govtcheez's Avatar
    Join Date
    Aug 2001
    Location
    MI
    Posts
    8,823
    Yup, it was me (wishes for middle finger smiley... this'll have to do ..|.. )....

    I was just checking to see if you've made your move in our chess game yet.

  7. #52
    Has a Masters in B.S.
    Join Date
    Aug 2001
    Posts
    2,263
    >Okay then tell me what happens when you press the security tab. Does it give you a message: <

    i get no warnings, no messages, and it lets me change the security settings...

    somehow you might be limited in your permissions to change that file so it's suspect that you're not truly an administrator but something dang close to it...

    glad to help though.

    >I think I was able to get rid of most of it but it's not an easy virus to defeat.<

    yeah if it infects by attaching exe's and knows how to hide they're hard to find...
    gah, took me a week to get sub7 off manually, and no i didn't get hax4d, i let someone put it on my sys to see what it could do and it fried itself, so i had to manually remove it.


    >I need to read up on a professional operating system, but I have not had a great chance to do it yet. In fact it involves a lot of reading it seems. There are many books on Win2k for example. A person has to learn 1000 things before he can become proficient running a computer.<

    actually i learned most of what i know from a friend who does this for a living.
    ADVISORY: This user's posts are rated CP-MA, for Mature Audiences only.

  8. #53
    Anti-Terrorist
    Join Date
    Aug 2001
    Posts
    742
    Yeah I accidentally messed with the file but it doesn't seem to have messed up my system. I just can't change the permissions any more with that file.

    I am the administrator. It worked when I logged in as administrator and pressed enter. Also my other account is a member of the administrator account.

    Do you know how to set a password for the administrator? I don't understand why that file is messed up but I can change permissions on other files without any problem.
    I compile code with:
    Visual Studio.NET beta2

  9. #54
    Registered User rick barclay's Avatar
    Join Date
    Aug 2001
    Posts
    835
    Originally posted by Govtcheez
    Yup, it was me (wishes for middle finger smiley... this'll have to do ..|.. )....

    I was just checking to see if you've made your move in our chess game yet.
    Yup.

    rb
    No. Wait. Don't hang up!

    This is America calling!
