Threat Description

Net-Worm

Details

Aliases: Net-Worm
Category: Malware
Type: Net-Worm
Platform: W32

Summary


A type of worm that replicates by sending complete, independent copies of itself over a network.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More scanning & removal options

More information on scanning or removal options is available in the documentation for your F-Secure security product on the Downloads section of our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for further assistance.


Suspect A False Alarm?

If you suspect a file has been incorrectly identified as malicious, (that is, it is a False Alarm or a False Positive), please first ensure your F-Secure security program is up-to-date with the latest detection database updates, then rescan the suspect file.

If you continue to suspect a False Alarm, you may submit a sample of the suspect file to our Security Labs for further analysis via the Sample Analysis System (SAS).






Technical Details


A net-worm is a type of worm that finds new host machines to infect by using network shares -a media (such as a hard drive or server) that can be accessed by multiple computers on a local area network (LAN), such as a company intranet. The net-worm will usually infect the share in order to subsequently infect every computer that accesses the share.

In many cases, corporate computers and servers have a few open shares, making these networks particularly vulnerable and facilitating a net-worm's rapid spread through the network. In more sophisticated cases, net-worms may even contain a list of generic passwords to use in attacking password-protected shares.

Once transferred to another host machine, some net-worms copy themselves to startup folders of different users on remote computers. In this case they can start every time a user is logged on to the machine.

A net-worm may also include a malicious payload, such as dropping keylogger program on the infected computer, or attempting to connect it to a remote server.

For more information about worms, see Articles: Worms.






SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More