Welcome to Power Plant by Power-Net Internet Services
Power-Net Anti-Virus Page
Navigation
Recent Entries
¤ Spam/Possible Virus -Subject: Pictures from Craigslist
¤ Conficker Worm
¤ "Dear Account User" - Scam Message
¤ "You have just received a virtual postcard" Spam
¤ "Fake Antivirus" - Removal Tool Now Available
¤ View All
¤ Conficker Worm
¤ "Dear Account User" - Scam Message
¤ "You have just received a virtual postcard" Spam
¤ "Fake Antivirus" - Removal Tool Now Available
¤ View All
Links
Antivirus Programs
¤ Avast Antivirus
¤ AVG - Free Anti-Virus
¤ Avira AntiVir
Information
¤ Syamantec Virus Info
¤ Unwantedlinks.com
¤ Virus Encyclopedia
¤ Virus Hoax
Misc/Patches
¤ Mozilla Firefox (Browser)
¤ Sasser Patch - 2000/XP
¤ Zobot Patch
Removal Tools
¤ Avast! Removal Tool
¤ Beagel Removal
¤ Mytob Removal Tool
¤ Netsky Fix Tool
¤ Sasser Removal Tool
¤ Sober (Choose version)
¤ Sober.C Removal (NEW)
¤ Sober.X Removal
¤ Stinger - Virus Removal Tool
¤ Virus Removal Tool List
¤ Virus Utilities
¤ Zobot Removal Tool
Spyware Removal
¤ Ad-Aware
¤ CW Shredder
¤ Hijackthis
¤ Malwarebytes
¤ SpyBot - Search & Destroy
¤ Windows Defender
¤ Avast Antivirus
¤ AVG - Free Anti-Virus
¤ Avira AntiVir
Information
¤ Syamantec Virus Info
¤ Unwantedlinks.com
¤ Virus Encyclopedia
¤ Virus Hoax
Misc/Patches
¤ Mozilla Firefox (Browser)
¤ Sasser Patch - 2000/XP
¤ Zobot Patch
Removal Tools
¤ Avast! Removal Tool
¤ Beagel Removal
¤ Mytob Removal Tool
¤ Netsky Fix Tool
¤ Sasser Removal Tool
¤ Sober (Choose version)
¤ Sober.C Removal (NEW)
¤ Sober.X Removal
¤ Stinger - Virus Removal Tool
¤ Virus Removal Tool List
¤ Virus Utilities
¤ Zobot Removal Tool
Spyware Removal
¤ Ad-Aware
¤ CW Shredder
¤ Hijackthis
¤ Malwarebytes
¤ SpyBot - Search & Destroy
¤ Windows Defender
Virus News
WORM_LOCKSKY.Y
WORM_LOCKSKY.Y is a memory-resident worm that propagates by sending a copy of itself as an attachment to email messages. It is currently spreading in-the-wild and infecting systems that run Windows NT, 2000, XP, and Server 2003.
The email that it sends has the following details:
Subject: Your mail Account is Suspended
Message body: We regret to inform you that your mail account has been suspended due to the violation of our site policy, more info is attached.
Attachment: acc_info{random number}.exe
It spoofs the From: field in an attempt to trick users into thinking that the spammed email is from a trusted source.
It bypasses an affected system's firewall thereby effectively lowering system security.
This worm checks for an updated copy of itself by connecting to a specific Web site, and if an updates is available, downloads the update.
It also logs keystrokes and saves the gathered information.
Upon execution, it drops a copy of itself in the Windows folder, and also drops component files, and other copies of itself in the Windows system folder.
The email that it sends has the following details:
Subject: Your mail Account is Suspended
Message body: We regret to inform you that your mail account has been suspended due to the violation of our site policy, more info is attached.
Attachment: acc_info{random number}.exe
It spoofs the From: field in an attempt to trick users into thinking that the spammed email is from a trusted source.
It bypasses an affected system's firewall thereby effectively lowering system security.
This worm checks for an updated copy of itself by connecting to a specific Web site, and if an updates is available, downloads the update.
It also logs keystrokes and saves the gathered information.
Upon execution, it drops a copy of itself in the Windows folder, and also drops component files, and other copies of itself in the Windows system folder.
January 31st, 2006
Power-Net does not support nor endorse these programs but have found some of them helpful. Many of the programs and links found on this page are for third-party applications and are to be used at your own risk. Should you encounter problems with the tools, you may need to consult a computer technician for further assistance.