« BackdoorNetbus
MalwareCrush, MalwarePro, WinSpyKiller, more – SpyHunter Update v.7.43 »

Worm.NetSky

2 Comments
GoldSparrow By GoldSparrow in Worms | 47 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

Worm.NetSky Description

Worm.NetSky is a malicious worm that distributes itself as an email attachment. Once executed, Worm.NetSky will add itself to the Windows registry ensuring that it loads each time you turn on your computer. Worm.NetSky will scan your computer for email addresses and will email itself as an attachment to any email addresses found on your PC. Worm.NetSky will also create a backdoor on your PC, which will provide access of your system to remote attackers. Worm.NetSky shouldn’t remain on your system any longer.

Type: Spyware

How Can You Detect Worm.NetSky?

 
 

Download SpyHunter’s Detection Scanner
to Detect Worm.NetSky.

 
 

Worm.NetSky Technical Report

As new Worm.NetSky details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following Worm.NetSky files with its MD5s were created in the system:

File Name File Size MD5
domnftwmnf.dll 278528 cb19bd7db3ab7aa4b5494956a2b0a041
domnftwtwl.dll 249856 a46f40029bc82a717f9447a8e86a0019
domnftwqlv.dll 278528 214b3964f69564440711dd7922f53430
domnftwwrn.dll 253952 00998d1acd26f250d66dbdea5831e942
alxvdvm.dll 217088 4120bae3a595dd0d42ad24c770e66be3
bmlvqkn.dll 270336 e5f40ba2c8fde0abf26d4c7540bf4a7a

Worm.NetSky has typically the following processes in memory:

  • domnftwqlv.dll
  • domnftwtwl.dll

Worm.NetSky creates the following registry entries:

  • SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\hjoqor
  • 2CD50EED-0440-4D62-BAA2-03E8795A4BB9
  • 8E7FF808-43C3-4D5F-AF01-29FD866BBA58

Important Article Disclaimer

ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 01/4/08 and is filed under Worms. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “Worm.NetSky”

  1. Don Lamontagne Don Lamontagne Says:
    January 18th, 2010 at %I:%M %p

    has anyone used this to remove the Worm.NetSky infection? has it worked?

  2. Ron Brown Ron Brown Says:
    January 18th, 2010 at %I:%M %p

    Trying to remove Worm.NetSky – and it is not working.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs

Follow Us on Twitter

Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.