This type of worm is embedded in an e-mail attachment, and spreads using the infected computer's e-mailing networks.
Disinfection & Removal
Allow F-Secure Anti-Virus to disinfect the relevant files.
For more general information on disinfection, please see Removal Instructions.
This is the Email-Worm General Information page.
An Email-Worm (also known as a mass-mailer or less commonly an Internet worm) distributes copies of itself in an infectious e-mail attachment. Often, these infected e-mails are sent to e-mail addresses that the worm harvests from files on an infected computer.
For representative examples of email-worms, see:
Email-Worm typically arrive as executable files attached to fake e-mail messages.
Some mass mailers randomly compose subjects and bodies of infected messages from words and phrases carried in the worm's own code; other worms use content found in randomly selected files in the infected computer to compose the e-mail message. The name of the file attachment can be either random, or 'borrowed' from other files.
Many worms send themselves as attachments with double extension, for example .MPG.EXE or AVI.PIF. In this case a recipient in most cases can only see the first extension. Because of that some users try to start such attachments thinking that these are multimedia files.
Email-worms normally use social engineering tactics to entice the user into opening and executing the e-mail attachment. As such, users can avoid infection by an email-worm by simply refusing to open any e-mail file attachments without first verifying its safety with the e-mail sender.
In some cases however, an infected attachment may contain an exploit that allows the e-mail worm to install and start automatically on the computer, without any user action. This is only possible if the e-mail client contains certain vulnerabilities.
Most worms nowadays include malicious routines (e.g.,password or data stealing), or carry viruses and backdoors inside them.