Information about the W32/Netsky.AB worm
4/24/2004 |
W32/Netsky.AB is a mass-mailing worm and a variant of W32/Netsky.Z. It infects Windows
systems and spreads through email. The infected email carries a spoofed 'From' address picked up from
the infected system.
The subject of the infected email will be any one of the following:
Wow
Text
Hurts
Funny
Found
Money
Letter
Stolen
Privacy
Picture
Numbers
Criminal
Question
Password
Pictures
Only love?
Correction
More samples
The body of the infected email will be any one of the following:
Still?
True love letter?
Does it hurt you?
How can I help you?
You have no chance...
Your pictures are good!
Hey, are you criminal?
Do you have asked me?
Do you have no money?
Please use the font arial!
Why do you show your body?
Wow! Why are you so shy?
Do you have more samples?
Are your numbers correct?
Do you have written the letter?
I've your password. Take it easy!
Do you have more photos about you?
I've found your creditcard. Check the data!
Please do not sent me your illegal stuff again!!!
The text you sent to me is not so good!
The infected email has any one of the following attachments:
hurts.pif
abuses.pif
pin_tel.pif
image034.pif
your_bill.pif
visa_data.pif
your_text.pif
document1.pif
your_text01.pif
your_picture.pif
your_letter.pif
passwords02.pif
myabuselist.pif
loveletter02.pif
corrected_doc.pif
all_pictures.pif
your_letter_03.pif
your_picture01.pif
my_stolen_document.pif
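A mail-gateway style check built from the subject and attachment lists above, as an added example that is not part of the original advisory: it parses a message with Python's standard email module and reports whether the subject and a .pif attachment name match the listed values. The function names, verdict labels and sample messages are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Indicators copied from the advisory above (lower-cased for comparison).
SUBJECTS = set((
    "wow|text|hurts|funny|found|money|letter|stolen|privacy|picture|numbers|"
    "criminal|question|password|pictures|only love?|correction|more samples"
).split("|"))
ATTACHMENT_STEMS = set((
    "hurts abuses pin_tel image034 your_bill visa_data your_text document1 "
    "your_text01 your_picture your_letter passwords02 myabuselist "
    "loveletter02 corrected_doc all_pictures your_letter_03 your_picture01 "
    "my_stolen_document"
).split())

def check_message(raw):
    """Compare one raw email message against the advisory's indicators."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    subject = str(msg["Subject"] or "").strip().lower()
    result = {"subject_listed": subject in SUBJECTS, "pif": [], "listed": []}
    for part in msg.walk():
        name = (part.get_filename() or "").strip().lower()
        stem, dot, ext = name.rpartition(".")
        if dot and ext == "pif":
            result["pif"].append(name)         # any .pif attachment is flagged
            if stem in ATTACHMENT_STEMS:
                result["listed"].append(name)  # exact name from the advisory
    if result["listed"] and result["subject_listed"]:
        result["verdict"] = "match"
    elif result["pif"]:
        result["verdict"] = "suspicious"
    else:
        result["verdict"] = "clean"
    return result

def build_sample(subject, filename=None):
    """Constructed test message; the payload bytes are a harmless placeholder."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", subject
    m.set_content("Do you have more samples?")
    if filename:
        m.add_attachment(b"placeholder", maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    for subj, fname in [("Privacy", "your_picture.pif"),
                        ("Re: hello", "Your_Letter.PIF"), ("Money", None)]:
        print(subj, fname, check_message(build_sample(subj, fname)))
```

The subject words are common on their own, so a listed subject without a .pif attachment is reported as clean rather than flagged.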
Upon execution of the infected attachment, the worm copies itself as csrss.exe in the Windows folder.
The worm also creates a mutex, S-k-y-n-e-t--A-n-t-i-v-i-r-u-s-T-e-a-m, to check whether it is already
present in system memory. The worm modifies the registry at the following location to run itself at
startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
To propagate itself, the worm scans files with the following extensions and collects all the
available email addresses from the infected system:
.pl, .rtf, .oft, .txt, .uin, .jsp, .tbb, .cgi, .sht, .vbs, .doc, .dbx, .asp, .adb, .php, .htm,
.eml, .xml, .wab, .wsh, .msg, .html, .dhtm, .shtm
The worm mails itself to these addresses using its own SMTP engine.
This worm first appeared on April 28, 2004.
Other names of W32/Netsky.AB Worm:
This worm is also known as Win32.Netsky.AB, W32.Netsky.AB@mm, W32/Netsky.ab@MM, NetSky.AB,
W32/Netsky-AB