W32.Namshare
Aliases: W32/Namshare
Variants: P2P-Worm.Win32.Sharan.c, W32/Namshar, Worm/Sharan.A
Classification: Malware
Category: Computer Worm
Status: Inactive
Spreading: Slow
Geographical info: N/A
Removal: Hard
Platform: W32
Discovered: 25 Feb 2005
Damage: Low
Characteristics: The W32.Namshare malware is a peer to peer or P2P worm that spreads via file sharing applications like KaZaa and Morpheus. This worm’s infection routine commences by copying its code the P2P applications’ shared folders located on the victim system. One the worm has successfully planted its copy in the shared folder, the P2P network is handled with spreading the worm’s infection to other machines.
W32.Namshare Removal Tool
If you have Malware on your computer it will cause annoyances and will damage your system. You should either:
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
A. Manually remove the infected files from your computer, or
B. Automatically scan your system using trusted software
RECOMMENDED:
We recommend that you scan your system for malware. Our partner has a computer worm removal tool to automatically clean W32.Namshare from your computer.
More details about W32.Namshare
The W32.Namshare worm will create one copy of itself in the compromised machine in either the .exe, .pif, .cpl or .com file extensions. It will then modify the registry by adding a value to a specific registry subkey so that it is activated once Windows is started. The malware also creates a random service name from a mixture of predetermined strings that are mostly security related. It then creates the ‘SharMan’ mutex to make sure that only a single instance of itself is running on the machine. This security threat will then proceed to copy its code to folders with the ‘share’ string. The extensions that will be used with the worm’s copies will use either .pif, .exe, .cpl, .com, .doc, .txt, .xls, .rtf or .pdf.For the infection of the W32.Namshare worm to be completely eliminated, users have to search the infected computer system for all the worm’s dropped files and then delete them all. Go to the Windows Task Manager and then try to spot the worm’s running process in the list of active processes and then end it. All the registry entries created by the security threat should also be removed. It is also critical that users make a backup file of the Windows registry before making any alterations on it. To avoid an infection from this worm, disable the file sharing option if not necessary. If however it is really necessary, utilize password protection and ACLs to limit the access on shared files.
Browse for more malware information
- W32.Namshare
- W32.Narcha
- W32.Narcs
- W32.Navidad
- W32.Neela
- W32.Neeris
- W32.Nekat.A
- W32.Netav.Worm
- W32.Netlip.Worm
- W32.Netsky.AA@mm
- W32.Netsky@mm
- W32.Netspree.Worm
- W32.Neveg.A@mm
- W32.NewApt.Worm
- W32.Nimda.A@mm
- W32.Nits.A
- W32.Niucoft
- W32.Niuniu
- W32.Noddaba
- W32.Nodmin@mm
- W32.Nogrov@mm
- W32.Nohoper.7397
- W32.Nolor@mm
- W32.Nomvar
- W32.Noomy.A@mm
- W32.Notech
- W32.Nuffy.A
- W32.Nujama
- W32.Nuker.Winskill
- W32.Ogid
Contact Us
|
Privacy Policy
|
Site Map
Copyright © Uniblue Systems Limited 2007. All rights reserved.