Request Services
  Data Systems Services
  About Data Systems
  News & Announcements
 
Virus Alert
Virus Hoaxes
  Quick Links
  Classroom Reservations
  Equipment Reservations
  Software Downloads
 
Data Systems Only! (Password Protected)
  Live Remote Assistance
 


Netsky.b

02/18/04 -Netsky.b spreads via e-mail. It follows the routine below:

It reaches the computer in an e-mail message that has the following characteristics:

This is a detection for a new nework worm variant spreading via EMail, sending itself to addresses found on the victim machine and by copying itself to mapped network drives.

The worm copies itself to various directories on the local system and on mapped network drives. The filenames are included in the worm and choosen randomly:

  • doom2.doc.pif 
  • sex sex sex sex.doc.exe
  • rfc compilation.doc.exe
  • dictionary.doc.exe 
  • win longhorn.doc.exe   
  • e.book.doc.exe 
  • programming basics.doc.exe 
  • how to hack.doc.exe
  • max payne 2.crack.exe  
  • e-book.archive.doc.exe 
  • virii.scr  
  • nero.7.exe 
  • eminem - lick my pussy.mp3.pif 
  • cool screensaver.scr   
  • serial.txt.exe 
  • office_crack.exe   
  • hardcore porn.jpg.exe  
  • angels.pif 
  • porno.scr  
  • matrix.scr 
  • photoshop 9 crack.exe  
  • strippoker.exe 
  • winxp_crack.exe
  • dolly_buster.jpg.pif   

Removal Instructions can be found on this page.

http://vil.nai.com/vil/content/v_101034.htm

Download Stinger to Scan for infection:
http://vil.nai.com/vil/stinger

More info on this worm:
http://vil.nai.com/vil/content/v_101034.htm

Back to the top