What is W32/Netsky?

One particularly nasty form of malware is a virus. Viruses can spread easily from computer to computer in a variety of ways and often attack the computer's operating system files, which can make a computer inoperable. W32/Netsky is a form of computer virus, and it's giving antivirus applications trouble.

Around since 2004, W32/Netsky can be spread in two ways: as an email attachment or by automatically copying itself to particular shared files in a Windows network. W32/Netsky can arrive in an email as an attachment with a random filename and a double extension such as *.txt, *.rtf, *.doc, *.htm, *.com, *.pif, *.scr, or *.exe. The virus has also been included in ZIP files.

When you open an attachment containing W32/Netsky, the virus attempts to infect the system by modifying Windows registry values that will allow the virus to run when the computer is rebooted. W32/Netsky then installs a copy in the %Windir%\services.exe file and begins to collect target email addresses from within the infected computer. W32/Netsky removes registry keys that other W32 versions of malware might have added.

The method for infecting computers using the file system is a bit different from when it is launched from an attachment. When launched through the file system, W32/Netsky searches drives, including network shared folders. W32/Netsky copies itself into any folders containing “Share" or “Shared,” giving itself a random file name and adding a double extension like that found in the email attachment version.

W32/Netsky contains malicious code; like any virus containing malicious code, it can cause extensive damage to networks. Especially vulnerable are networks with a large number of infected systems or those that receive large volumes of email.

Windows systems have historically been vulnerable to virus attacks, and Microsoft is taking steps to correct that problem with more protection and firewalls built into the operating system to keep viruses such as W32/Netsky from replicating.

Users of chat, instant messaging and peer-to-peer sharing programs are the most at risk for getting W32/Netsky. Installing or downloading unknown software is the most common way the virus is spread. However, good antivirus software should block W32/Netsky from infecting your system as long as it is current. Any computer user who frequents online locations that are prone to these types of infections should be extra vigilant in their antivirus protection efforts. Frequent software updates and running antivirus scans on a regular basis are the best ways to protect your system from threats like W32/Netsky.

At TopTenREVIEWS We Do the Research So You Don't Have To.™