411 on Spyware » Worms http://www.411-spyware.com 411-Spyware.com Fri, 20 Nov 2009 02:05:11 +0000 http://wordpress.org/?v=2.8.5 en hourly 1 Sdbot.add http://www.411-spyware.com/remove-sdbot-add http://www.411-spyware.com/remove-sdbot-add#comments Mon, 03 Aug 2009 01:55:41 +0000 Kristopher http://www.411-spyware.com/?p=5072 Sdbot.add -- dubbed "W32/Sdbot-ADD" by Sophos -- is a worm more painful than watching the KardashSimpHiltonSonian sisters. Instead of ruining reality TVfa, Sdbot.add runs wild through unprotected local networks. Once Sdbot.add is launched, it drops a rootkit that lets a hacker sneak into a backdoor of your computer. The Sdbot.add-enabled hacker then can control your computer remotely, through an IRC network. Sound worse than reading about KimJessParissica talking about their weight? It is. So close PerezHilton.com, and let me show you how to get rid of Sdbot.add.]]> http://www.411-spyware.com/remove-sdbot-add/feed 0 Invitation Card.zip http://www.411-spyware.com/remove-invitation-card-zip http://www.411-spyware.com/remove-invitation-card-zip#comments Fri, 26 Jun 2009 19:44:02 +0000 Kristopher http://www.411-spyware.com/?p=4898 Invitation Card.zip screenshot Invitation Card.zip is a worm attached to a scam email that pretends to be an invite to social networking site Twitter.com. This Invitation Card.zip email reads:
From: invitations@twitter.com Subject: Your friend invited you to twitter!
If you open this Invitation Card.zip attachment, you'll launch W32.Ackantta.B@mm, a worm that will copy itself to your removable drives and shared folders, then spam your other friends. W32.Ackantta.B@mm then may download a Trojan onto your machine, such as Trojan Vundo. I'm sure being part of a hacker's botnet sounds like a hot weekend, but if you'd rather spend your Sunday otherwise -- church? Family? Strip club? -- I can show you how to get rid of Invitation Card.zip and W32.Ackantta.B@mm, for free.]]> http://www.411-spyware.com/remove-invitation-card-zip/feed 2 YOUR – DAD – NAKED – hahahaha . pif http://www.411-spyware.com/remove-your-dad-naked-hahahaha-pif http://www.411-spyware.com/remove-your-dad-naked-hahahaha-pif#comments Sat, 06 Jun 2009 03:29:30 +0000 Kristopher http://www.411-spyware.com/?p=4732 YOUR – DAD – NAKED – hahahaha . pif screenshot YOUR – DAD – NAKED – hahahaha . pif is a Skype worm that spreads via messages from buddies on your contact list. You'll get a message from a contact, asking you if you want to download an MS-DOS .pif extension file, titled YOUR – DAD – NAKED – hahahaha . pif, YOUR-MOTHER-NAKED-hahahaha.pif, hahaa-lesbians-cats.PIF, OMG-GAY-DOGS.com, or OMG-lesbian_dogs.PIF. If you accepted YOUR – DAD – NAKED – hahahaha . pif, don't open it. If you launch YOUR – DAD – NAKED – hahahaha . pif, you'll start spreading YOUR – DAD – NAKED – hahahaha . pif to buds on your Skype contact list. YOUR – DAD – NAKED – hahahaha . pif may also download more badware onto your system. Check your Skype's download history, and see if you accidentally downloaded YOUR – DAD – NAKED – hahahaha . pif. If you did, avoid restarting your computer -- if you reboot your system, the worm may execute. Don't worry too much if you already opened YOUR – DAD – NAKED – hahahaha . pif -- I'll show you how to get rid of YOUR – DAD – NAKED – hahahaha . pif for free. ]]> http://www.411-spyware.com/remove-your-dad-naked-hahahaha-pif/feed 2 Batzback.B http://www.411-spyware.com/remove-batzback-b http://www.411-spyware.com/remove-batzback-b#comments Thu, 21 May 2009 23:32:04 +0000 Kristopher http://www.411-spyware.com/?p=4613 http://www.411-spyware.com/remove-batzback-b/feed 0 Worm.Fontra.F http://www.411-spyware.com/remove-worm-fontra-f http://www.411-spyware.com/remove-worm-fontra-f#comments Tue, 19 May 2009 18:23:07 +0000 Kristopher http://www.411-spyware.com/?p=4586 Worm.Fontra.F -- dubbed "W32/Fontra-F" by Sophos, "Virus.Win32.Fontra.c" by Kaspersky and F-Secure, "W32/Vbbot" by Mcafee, and "Worm/Delf.ATB" by Grisoft -- is a worm that spreads through folders connected with file-sharing apps, like BearShare or Limewire. The worm sneaks into these shared folders by replacing the folders' media files with its own zip archive -- without changing these media files' names. The only way to tell if you're infected with Worm.Fontra.F may be the inability to play Beyonce's latest single. In which case, you may want to thank Worm.Fontra.F.]]> http://www.411-spyware.com/remove-worm-fontra-f/feed 0 Warezov http://www.411-spyware.com/remove-warezov http://www.411-spyware.com/remove-warezov#comments Sat, 16 May 2009 18:43:30 +0000 Kristopher http://www.411-spyware.com/?p=4588 Warezov is a family of worms that infect computers through spam. Emails carrying Warezov are usually styled like an undelivered message or software update, with Warezov attached. After Warezov sneaks into your system, it spams your contacts with a similar message, and attempts to download updated versions of itself from sites. The worm may also block your access to some sites by changing your computer's HOSTS file, and stop your security software by killing their related processes. Warezov is a little bundle of joy, hmm? Let me show you how to delete this badware.]]> http://www.411-spyware.com/remove-warezov/feed 0 W32.Qakbot http://www.411-spyware.com/remove-w32-qakbot http://www.411-spyware.com/remove-w32-qakbot#comments Fri, 15 May 2009 03:49:35 +0000 Kristopher http://www.411-spyware.com/?p=4576 W32.Qakbot is a worm that spreads through resources shared on a network. Once W32.Qakbot nestles into your computer, the worm may steal personal information (think Outlook, FTP logins, keystrokes typed, sites visited, etc.), download more badware onto your PC, and allow a hacker to access your system. Unless spending a weekend with a zombie computer sounds hot, let me show you how to remove W32.Qakbot.]]> http://www.411-spyware.com/remove-w32-qakbot/feed 0 W32.Fiala.A http://www.411-spyware.com/remove-w32-fiala-a http://www.411-spyware.com/remove-w32-fiala-a#comments Thu, 14 May 2009 14:56:59 +0000 Kristopher http://www.411-spyware.com/?p=4565 W32.Fiala.A is a worm that spreads itself through your removable drives. W32.Fiala.A blocks certain applications from launching, and, as an early birthday gift, W32.Fiala.A may drop Trojans on your PC (think Trojan Horse, Hacktool.Rootkit or Trojan.KillAV). Thanks, W32.Fiala.A. Unless ID theft and zombie computers botnets sound like a hot weekend, let me show you how to get rid of W32.Fiala.A.]]> http://www.411-spyware.com/remove-w32-fiala-a/feed 0 W32.Mocon http://www.411-spyware.com/remove-w32-mocon http://www.411-spyware.com/remove-w32-mocon#comments Thu, 14 May 2009 08:22:40 +0000 Kristopher http://www.411-spyware.com/?p=4556 W32.Mocon is a worm that spies on you by tracking your every keystroke. This worm spreads itself through your removable drives. Unless identity theft and botnets of zombie computers sound like a hot weekend, let me show you how to remove W32.Mocon.]]> http://www.411-spyware.com/remove-w32-mocon/feed 0 INF/Conficker http://www.411-spyware.com/remove-inf-conficker http://www.411-spyware.com/remove-inf-conficker#comments Tue, 12 May 2009 17:56:02 +0000 Kristopher http://www.411-spyware.com/?p=4528 INF/Conficker is the latest version of the headline-making Conficker worm. As usual, INF/Conficker blocks your access to security sites (such as McAfee.com, Microsoft.com, and Symantec.com) and anti-badware software (Windows Defender Service, Windows Security Center Service, and more). INF/Conficker has also been linked to pimping scareware Spyware Protect 2009. So what's new with INF/Conficker? INF/Conficker gets its name as it spreads via an "autorun.inf." By doing this, Conficker can automatically infect every mapped and removable drive. Let's get rid of INF/Conficker before even more machines are infected.]]> http://www.411-spyware.com/remove-inf-conficker/feed 0