March 1, 2004
Intruder Alert 3.6 W32_Netsky_D_Worm Policy

This policy detects the propagation of the W32.Netsky.D Worm.

Download ITA W32_Netsky_D_Worm Policy

NOTE: The "Netsky_D_File_Detected" rule works only if Filewatch monitoring has been configured. The configuration instructions are outlined below.

Affected Platforms

Windows NT/2000/2003/XP

Description

This policy detects the propagation of the W32.Netsky.D Worm.

Policy Rules include:

  • Netsky_D_Worm_Activity
    This rule detects the registry changes associated with the W32.Netsky.D Worm.

  • Netsky_D_File_Detected
    This rule detects the creation of files associated with infection by the W32.Netsky.D Worm.

ITA Filewatch Configuration Instructions

  1. Browse to the system folder where the ITA agent is installed.

  2. Locate the ntcrit_S.lst file.

  3. Insert the following file to be monitored:

    #windir\winlogon.exe


Last modified on: Monday, 01-Mar-04 22:38:44