I-Worm.Bagle.n Threat Level:

I-Worm.Bagle.n is a worm that appears in security scans by fake antispyware Internet Antivirus.

Is I-Worm.Bagle.n dangerous? I-Worm.Bagle.n might have been a serious threat, once upon a time. Now, I-Worm.Bagle.n’s biggest danger is scaring you into wasting $49.95 on Internet Antivirus.

You’re not really infected with I-Worm.Bagle.n — you’re infected with scamware that you need to remove.

I’ll show you how to get rid of I-Worm.Bagle.n and Internet Antivirus, for free.

Read more about I-Worm.Bagle.n »

I-Worm.NetSky.q Threat Level:

I-Worm.NetSky.q is a worm that appears in security scans by fake antispyware Internet Antivirus.

Is I-Worm.NetSky.q dangerous? I-Worm.NetSky.q might have been a serious threat, once upon a time. Now, I-Worm.NetSky.q’s biggest danger is scaring you into wasting $49.95 on Internet Antivirus.

You’re not really infected with I-Worm.NetSky.q — you’re infected with scamware that you need to remove.

I’ll show you how to get rid of I-Worm.NetSky.q and Internet Antivirus, for free.

Read more about I-Worm.NetSky.q »

Worm.Brontok Threat Level:

Worm.Brontok is a worm that spreads through an email attachment. Worm.Brontok’s email reads:

From: “angelina_ph@[recipient’s domain]” or “jennifer_sh@[recipient’s domain]”
Subject: “Fotoku yg Paling Cantik” or “My Best Photo”
Message text:
“Hi,
Aku lg iseng aja pengen kirim foto ke kamu.
Jangan lupain aku ya !.
Thanks”
or
“Hi,
I want to share my photo with you.
Wishing you all the best.
Regards,”

Attachment name: Photo.zip

I can’t think of any photos great enough to risk catching Worm.Brontok. Even of Heidi Klum.

Well…

Read more about Worm.Brontok »

Spyworm.Win32 Threat Level:

Spyworm.Win32 is a worm that appears in fake security alerts from rogue antispyware. Spyworm.Win32 popups could read:

“Your computer was infected with Spyworm.Win32.
It’s dangerous for your system, some files can be lost and your browser can be slow!
Click OK to download the antispyware program to clean your computer! (Recommended)”

or

“Your browser was hijacked by Spyworm.Win32.”

This Spyworm.Win32 popup is supposed to scare you into buying the fake antispyware, like Smitfraud. You may have caught “Spyworm.Win32″ by a drive-by download, or getting tricked into downloading a fake video codec.

Unless you like getting ripped off, don’t download the software the Spyworm.Win32 popup links to. You’re not really infected with Spyworm.Win32 — you’re infected with fake anti-spyware that you need to remove.

Read more about Spyworm.Win32 »

Worm.Win32.Netbooster Threat Level:

Worm.Win32.Netbooster is a worm that appears in fake security alerts from rogue antispyware. Worm.Win32.Netbooster popups could read “Your browser was hijacked by Worm.Win32.Netbooster,” or “Your browser was hijacked by Worm.Win32.Netbooster.” This Worm.Win32.Netbooster popup is supposed to scare you into buying the fake antispyware, like Smitfraud. You may have caught “Worm.Win32.Netbooster” by a drive-by download, or getting tricked into downloading a fake video codec.

Unless you like getting ripped off, don’t download the software the Worm.Win32.Netbooster popup links to. You’re not really infected with Worm.Win32.Netbooster — you’re infected with fake anti-spyware that you need to remove.

Read more about Worm.Win32.Netbooster »

Rontokbro Threat Level:

Rontokbro is a worm that spreads itself via email. If you get an email with a blank subject line, an attachment named Kangen.exe, and a message reading:

BRONTOK.A [ By: HVM31 -- JowoBot #VM Community ]
– Hentikan kebobrokan di negeri ini –
1. Adili Koruptor, Penyelundup, Tukang Suap, Penjudi, & Bandar NARKOBA
( Send to “NUSAKAMBANGAN”)
2. Stop Free Sex, Absorsi, & Prostitusi
3. Stop (pencemaran laut & sungai), pembakaran hutan & perburuan liar.
4. SAY NO TO DRUGS !!!
– KIAMAT SUDAH DEKAT –
Terinspirasi oleh: Elang Brontok (Spizaetus Cirrhatus) yang hampir punah[ By: HVM31 ]– JowoBot #VM Community –

– Avoid it faster than you avoid texts from your ex. Rontokbro launches every time you start your system, Rontokbro reboots your PC when it detects windows it doesn’t like, and Rontokbro spams everyone an infected email to spread itself.

Read more about Rontokbro »

Worm_Imbot.AC Threat Level:

Worm_Imbot.AC is a worm that spreads itself through MSN Messenger and some insecure websites. Worm_Imbot.AC typically sends you an instant message on MSN Messenger, with a .zip file attached. Of course, the attachment is a contains Worm_Imbot.AC. Worm_Imbot.AC’s IM might read:

“Have I shown you this new picture of my cat:)”
“Hey, check out this great photo from my trip to England”
“Did you see this picture, it’s hilarious!!!!!”

I can’t think of any photos great enough to risk downloading Worm_Imbot.AC. Even of Heidi Klum.

Well…

If you’ve ever received a message like that on MSN Messenger, it’s best to stop using MSN until you know you’ve removed Worm_Imbot.AC. Otherwise, Worm_Imbot.AC may connect to TCP ports and let anonymous attackers execute commands on your computer, and kill memory processes.

Read more about Worm_Imbot.AC »

Backdoor.Agobot Threat Level:

Backdoor.Agobot is a family of backdoor worms that spreads itself through peer-to-peer (P2P), file-sharing applications. When Backdoor.Agobot infects your computer, it’ll take commands from an anonymous attacker via IRC to start DoS (Denial of Service) attacks (DoS attacks work by overloading your computer with so much traffic that it crashes). Backdoor.Agobot can also execute commands through cmd.exe, and Agobot rips a security hole into your system, making your financial and personal information insecure. Agobot may also be known as Gaobot, and other bots in the Agabot family include Phatbot, Urxbot, Rbot, Forbot, and Rxbot. Some versions of Agobot can use a keylogger to steal your information. I say remove Backdoor.Agobot and its cousins as fast as you can. The only reason you should download Agobot is to use the application to go after whoever installed it onto your machine, first.

Read more about Backdoor.Agobot »

Worm.Newbiero Threat Level:

Worm.Newbiero is a worm that tears a back hole in your system and allows a hacker to access your PC. Worm.Newbiero can infect your computer through open local area networks. Once Worm.Newbiero is on your PC, it starts up with Windows every launch. Worm.Newbiero then allows a hacker to access your PC, launching applications, downloading files, and putting your personal and financial data at risk. Worm.Newbiero will try to disable firewalls such as Sygate Personal Firewall, Tiny Personal Firewall, ZoneAlarm, and ZoneAlarm Pro. Worm.Newbiero can mess up your computer more than your three-year-old nephew banging on your keyboard, so delete Worm.Newbiero immediately.

Read more about Worm.Newbiero »

Worm.Skipi.b is a worm targeting popular Internet calling software Skype. Worm.Skipi.b, also known as Pykse, is said to be a worm though it requires some interaction from users. Worm.Skipi.b Skypes messages of links to contacts reaped from an infected PC. Worm.Skipi.b’s Skype messages link to a picture of barely dressed woman, which is displayed while Worm.Skipi.b downloads and installs itself onto a user’s computer. Once Worm.Skipi.b is installed, it may lodge in your registry system and create browser helper objects (BHO) so that it launches at your systems start up. Worm.Skipi.b may then set your Skype status to “Do Not Disturb” so you won’t receive incoming messages while it attempts to infect other users and visit websites.

Read more about Worm.Skipi.b »