* Panda Software has released its free PQremove utility which detects and eliminates Netsky.D from infected computers. This tool can be downloaded from http://www.pandasoftware.com/download/utilities
* In just a few hours, Netsky.D has taken third place in the ranking of the viruses most frequently detected by Panda ActiveScan
* This worm is particularly dangerous in corporate environments, as it has a greater capacity to spread via e-mail than its predecessors, meaning than it can collapse networks much more rapidly
* The fact that this malicious code has emerged at the same time as five new variants of the Bagle, which have been detected over the last few days, makes the situation even worse
Glendale, CA - March 01, 2004 - The Netsky.D worm, which was detected just a few hours ago by PandaLabs, has started to spread extremely rapidly and is causing a large number of incidents worldwide. In fact, Netsky.D is already the third virus most frequently detected by the free, online antivirus Panda ActiveScan.
For this reason, Panda Software has released its free PQRemove utility which detects and eliminates Netsky.D from infected computers. This application also restores any changes this new worm has made to the system configuration.
This tool can be downloaded free of charge from http://www.pandasoftware.com/download/utilities.
Netsky.D has a much faster propagation capacity than its predecessors, as it can start up to 8 processes in memory in order to send itself out via e-mail. This makes the worm particularly dangerous in corporate environments, as it could very quickly crash computer networks.
This problem is made worse by the recent appearance of variants C, D, E, F and G of the Bagle worm, which are also designed to spread highly effectively via e-mail.
Netsky.D reaches computers in an e-mail message whose subject, message body and attached file are selected at random from a long list of options. For information on these options, consult Panda Software's Virus Encyclopedia.
Netsky.D spreads via e-mail by sending itself out to all the address it finds in files with the following extensions on the affected computer: EML, .TXT, .PHP, .PL, .HTM, .HTML,.VBS, .RTF, .UIN, .ASP, .WAB, .DOC, .ADB, .TBB, .DBX, .SHT, .OFT, .MSG, .SHTM, .CGI, and .DHTM. It does this using its own SMTP engine.
Netsky.D deletes the Registry entries created by certain worms, including Mydoom.A and Mimail.T. This worm has also been designed to emit several random beeping sounds between 6:00 and 8:59 when the system date is March 2, 2004.
Due to the high risk of being infected by Netsky.D, Panda Software advises users to treat all e-mails received and all files downloaded from the Internet with caution. The company has already made the updates to its products available to its clients to ensure their solutions can detect and eliminate Netsky.D. Those whose software is not configured to update automatically, should update their solutions from http://www.pandasoftware.com.
Similarly, users can also detect and disinfect this and other malicious code using the free, online antivirus, Panda ActiveScan, which is also available on the company's website at http://us.pandasoftware.com/activescan.
More information on Netsky.D and variants C, D, E, F and G of Bagle in Panda Software's Virus Encyclopedia.
On receiving a possibly infected file, Panda Software's technical staff gets straight to work. The file is analyzed and depending on the type, the action taken may include: disassembly, macro scanning, code analysis etc. If the file does in fact contain a new virus, the disinfection and detection routines are prepared and quickly distributed to users.
Don't get caught with a deadly virus. Get the protection your PC needs. Get Panda Antivirus Titanium for your desktop. Panda Antivirus Titanium is the "install it and forget it" antivirus product - ideal product for home users.