SecurityHome.eu Win32.Netsky.Q@mm

Home / malware PDF

Win32.Netsky.Q@mm

First posted on 21 November 2011.
Source: BitDefender
Aliases :
Win32.Netsky.Q@mm is also known as W32/Netsky-Q.
Explanation :
The worm sends itself as an e-mail attachment to addresses found in
the infected computer.

It copies itself in the Windows directory as SysMonXP.exe and drops
to the same directory a DLL component: Firewalllogger.txt.
It then sets the following registry key, so it will be executed each
time Windows starts up:
HKLMSoftwareMicrosoftWindowsCurrentVersionRunSysMonXP =
%WINDIR%SysMonXP.exe

In 30/03/2004 it generates in the computer speaker sounds with
different tones and durations
Last update 21 November 2011

TOP

Malware :

Backdoor.WinCE.Brador.A
WinCE.Dust.A
Backdoor:WinCE/PhoneCreeper.A
Dialer:WinCE/Terdial.A
Trojan:WinCE/Terdial

Last 20