W32.Netsky.B@mm

Due to a decreased rate of submissions, Symantec Security Response has downgraded W32.Netsky.B@mm from a Category 3 to a Category 2 as of May 12, 2004.

W32.Netsky.B is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses it finds when scanning the hard drives and mapped drives. This worm also searches drives C through Z for folder names containing "Share" or "Sharing," and then copies itself to those folders.

The Subject, Body, and email attachment vary.




Translations of this Document:
Given the time required to translate documents into other languages, the translated versions of this document may vary in content if the English document was updated with new information during the translation process. The English document always contains the most up-to-date information.

Available translations:
German
French
Italian
Portuguese
Spanish
Korean
Japanese
Simplified Chinese
Traditional Chinese

Protection

• Initial Rapid Release version February 18, 2004
• Latest Rapid Release version July 27, 2009 revision 085
• Initial Daily Certified version February 18, 2004
• Latest Daily Certified version July 27, 2009 revision 073
• Initial Weekly Certified release date February 18, 2004

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

• Wild Level: Medium
• Number of Infections: More than 1000
• Number of Sites: More than 10
• Geographical Distribution: Medium
• Threat Containment: Easy
• Removal: Moderate

Damage

• Damage Level: Low

Distribution

• Distribution Level: High