Another variant of the W32/Netsky.MM virus, W32/Netsky.s@MM is a Medium Risk mass-mailing worm that arrives inside a .PIF attachment. When run, the worm tries to open a backdoor on TCP Port 6789, which can help a remote hacker download and execute potentially malicious programs on the infected system.
W32/Netsky.s@MM will also launch a Denial of Service attack on various domains, including www.kazaa.com, starting in mid-April. The worm spreads itself by stealing email addresses from the infected computer, spoofing or forging the "from: field."
Up-to-date McAfee VirusScan users with DAT 4348 are protected from this threat.
Download: McAfee VirusScan DAT 4348
View: W32/Netsky.s@MM Virus Profile
View: Scan for the W32/Netsky.s@MM worm (online tool)