We're currently seeing a lot of Mark.W0rm.exe files appearing in our network. At the moment, the only available information is that it is a "test" virus that copies itself to common Windows folders. Removal is quite simple: End the task Mark.W0rm.exe in task manager if present and delete the file copied into the following directories: C:\Documents and Settings\[user]\Local Settings\ C:\Documents and Settings\[user]\My Documents\My Music\My Music.exe C:\Documents and Settings\[user]r\My Documents\My Documents.exe C:\Documents and Settings\[user]\My Documents\My Pictures\My Pictures.exe C:\Windows\MarkWorm.exe Note: It may also copy itself on shared folders so you might want to check for that too.