It attempts to launch Denial of Service attacks against several web pages, deletes the entries belonging to several worms, including Mydoom.A, Mydoom.B, Mimail.T and several variants of Bagle and emits a sound through the internal speaker.
Affected platforms:
Windows XP/2000/NT/ME/98/95
First detected on:
March 29, 2004
Detection updated on:
July 29, 2009
Statistics
No
Proactive protection:
Yes, using TruPrevent Technologies
Brief Description
Netsky.Q is a worm that deletes the entries that belong to several worms, including Mydoom.A, Mydoom.B, Mimail.T and several variants of Bagle.
Netsky.Q attempts to launch DoS (Denial of Service) attacks against several web pages, between April 8 and 11, inclusive.
Netsky.Q spreads via email in a message with variable characteristics. It is automatically activated when the email message is viewed through Outlook's Preview Pane. It does this by exploiting a vulnerability in Internet Explorer, which allows email attachments to be automatically run. This vulnerability exploit is known as Exploit/iFrame.
In addition, when the system date is March 30, 2004, between 5:00 a.m. and 10:59 a.m., Netsky.Q emits a sound that consists of random tones through the internal speaker.
Visible Symptoms
Netsky.Q is easy to recognize, as it emits a sound that consists of random tones through the internal speaker when the system date is March 30, 2004, between 5:00 a.m. and 10:59 a.m.