Proland Software  Download Antivirus software now!

Home
Antivirus products
Download Antivirus Software
Order On-line
Support
Email
Protector Plus Antivirus Software for
Antivirus Software for Windows XP and 2000
Antivirus Software for Windows Vista
Antivirus Software for Windows Me and 98
Antivirus Software for Exchange
Antivirus Software for NetWare
Protector Plus Console
Buy Antivirus software now!


SpamChoke Antispam
Software

Subscribe to Virus Alert
Mailing List

Enter your Email
 (Ex : john@company.com)


Download Anti virus software

W32/Netsky.Y Worm

Blueball Information about the W32/Netsky.Y worm:

W32/Netsky.Y is a mass mailing worm. This worm is a variant of W32/Netsky.This worm infects Windows systems and spreads through email.

The infected email carries a spoofed 'From' address, picked up from the infected system.

The subject of the infected email will be;

Delivery failure notice (Variable string)

The body of the email arrives in two sets. first set will be randomly selected by the following words;

Delivered
External
New
Partial

Second set of the body will be;

message is available.

The infected email attachment will have .com extension. The file name of the infected attachment will be;
www.<variable domain name>.<variable username>.session-<variable number>

Upon execution of the infected attachment, the worm copies itself as FirewallSvr.exe in the Windows folder. The worm also creates a file F<variable string>_YOU_BAGLE.TXT in the Windows folder.

The worm modifies registry at the following location to run itself at the startup;

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

To propagate itself, the worm scans the files having the following extensions and collects all the available email addresses from the infected system;

.pl, .rtf, .oft, .txt, .uin, .jsp, .tbb, .cgi, .sht, .vbs, .doc, .dbx, .asp, .adb, .php, .htm, .eml, .xml, .wab, .wsh, .msg, .html, .dhtm, .shtm

The worm mails itself to these addresses using its own SMTP engine.

It also attempts to perform a DOS attack on the following sites, if the system date is between April 28th and April 31st;

www.nibis.de
www.nedinfo.ufl.edu
www.educa.ch

This worm first appeared on April 20, 2004.

Blueball Other names of W32/Netsky.Y Worm:

This worm is also known as WORM_NETSKY.Y, W32.Netsky.Y@mm, Netsky.Y, W32/Netsky-Y

Click here to download a 30 day Evaluation Copy of
Protector Plus for your operating system

Blueball About Protector Plus Antivirus Software Packages:

Proland Software is the developer of Protector Plus range of antivirus software packages. Protector Plus is available for Windows Vista, Windows 95/98/Me, Windows XP, Windows NT/2000/2003 servers and workstations, MS-Exchange 2000/2003, MS-DOS and NetWare servers.

SpamChoke Antispam Software

New:
SpamChoke Antispam Software
Download Now!

Protector Plus range of antivirus products offer on-line virus detection and removal. All the packages have the ability to detect and isolate all types of viruses, trojans, worms and other types of malware. Protector Plus antivirus software can detect and remove W32/Netsky.Y worm reliably.

These products are updated on a continuous basis and the latest upgrades for all the platforms are made available for downloading from this site.

Click here to order
Protector Plus Antivirus software 

 Buy Antivirus software now!


You can download the 30 day evaluation copy of the
antivirus software free of cost for these platforms:
Antivirus Software for Windows XP and 2000 Antivirus Software for Windows Me and 98 Antivirus Software for Exchange Antivirus Software for NetWare


HomeAntivirus productsDownload Antivirus SoftwareOrder On-lineEmail

Copyright © 2007 Proland Sofrware. All rights reserved.


Download Anti virus software