Win32.Netsky
Win32:Netsky the top rated email worm in last 2 month, mail with a attachment file .pif .
if u run the attachment file, u will get a message like "The file could not be opened". and the virus make a copy of itself in pc, named 'service.exe' .Win32:Netsky Mail details
Message header (chosen at random from the list below)
Approved
Hello
Hi
Important
My details
Re: Approved
Re: Hello
Re: Hi
Re: Important
Re: My details
Re: Request
Re: Thanks you!
Re: Your details
Re: Your document
Re: Your information
Request
Thank you!
Your details
Your document
Your information
subject (chosen at random from the list below) :
fake
hello
hi
information
read it immediately
something for you
stolen
unknown
warning
Attachment File name (chosen at random from the list below) :
aboutyou
attachment
bill
concert
creditcard
details
dinner
disco
doc
document
final
found
friend
information
jokes
location
mail2
mails
me
message
misc
msg
nomoney
note
object
part2
party
posting
product
ps
ranking
release
shower
story
stuff
swimmingpool
talk
textfile
topseller
website
Delete Win32:Netsky
to delete the virus, goto control panel -> administrative tools -> Services
and find the service with executable path "%Windir%\services.exe -serv"
stop the service disable it, and remove the file from your hard disk.
the virus will create a registry update on the path
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]delete the key from registry, for that run regedit.exe ( click on start -> run and type regedit)
"EastAV"="%windir%\EastAV.exe"
goto the path
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run] and remove only the key "EastAv"
or you can download 'Win32:Netsky' fix tools from http://www.kaspersky.com
Download Free Virus Fix
No comments:
Post a Comment