- The worm sends itself as an e-mail attachment to addresses found in the infected computer. It copies itself in the Windows directory as SysMonXP.exe and dropsto the same directory a DLL component: Firewalllogger.txt.
About netsky.q:
Netsky.Q is a worm that spreads through e-mail. It is distributed as a 28,008 byte Win32 executable, compressed with PEtite, which drops a 23,040 byte DLL file. It also distributes itself inside ZIP archives.It seems to be a self-replicating worm, it will continue to send out fake messages to people with the subject lines Like
* Delivery Error
* Delivery Failure
* Delivery
* Mail Delivery failure
* Mail Delivery System
* Mail System
* Delivery
* Delivered Message
* Error
* Status
* Failure
* Failed
* Unknown Exception
* Delivery Failed
* Deliver Mail
* Server Error
* Delivery Bot
And with each message there is the reciepts email address at the end. This worm seems to be spreading like wildfire today.
How to delete Win32/Netsky.Q worm files in Windows XP and Vista:
One of the ways to remove W32/Netsky.Q is by downloading specific removal tools availabe from Antivirus companies such as Symantec. Download this tool for auto removal of win32.netsky.q virus.
If you prefer to remove it manually from windows XP and Vista, follow these step:
1. First of all you need to delete Win32.NetSky.Q worm.
2. Go to "start menu" and click "search".
3. Click "all files and folders".
4. Type any file name in the search box and select “Local Hard Drives.”
5. Click “Search” and when you find the file delete it.
How to stop Win32.Netsky.Q worm processes:
1. Click the Start menu and select Run.
2. Type "taskmgr.exe and click "OK". You can also launch task manager ny pressing keys ALT + CTRL + DELETE or CTRL +Shift + ESC.
3. Click Processes tab, and find Win32/Netsky.Q worm processes.
4. Once you’ve found the Win32/Netsky.Q worm processes, right-click and select “End Process” to stop Win32/Netsky.Q worm.
No comments:
Post a Comment