W32.Vispat.B@mm Threat Level:

W32.Vispat.B@mm is a worm that harvests email addresses on your PC after you’ve been infected. W32.Vispat.B@mm then emails itself to these email addresses and infects these computers, via its email message titled “Re:Ho sbagliato email,” with the attachment named “fotoamore.zip”, and the message body:

“Dire che sono imbarazzato per l’errore di invio mi sembra scontato…
spero che capirai che quanto
Se vuoi capire di cosa si tratta guarda in allegato o scarica lo zip da qui”
ciao tesoro mio”

W32.Vispat.B@mm may also change your Internet Explorer start page/home page to http://www.katasearch.com/______, and W32.Vispat.B@mm may also lower your security settings for Internet Explorer, putting your PC at risk for further infection.

Read more about W32.Vispat.B@mm »

Sober Worm is a worm that spreads itself through email as an attachment, approximately sized 56,808 bytes, with a random name and the file extension .pif, .zip, or .bat. You have to open Sober Worm’s attachment to infect your PC, and once Sober Worm infects your system, Sober Worm may popup a message (”WinZip Self-Extractor, WinZip_Data_Module is missing ~Error:”) and then may scan your system for any email addresses and send itself as an email attachment to these addresses. Sober Worm will save the email addresses it emails in a file named winexerun.dal, winmprot.dal, winroot64.dal, or winsend32.dal. Sober Worm uses its own SMTP engine to send these emails, making it less likely to be detected.

Read more about Sober Worm »

Zhelatin.DAM is a worm that spreads itself through email. When you’re infected with Zhelatin.DAM, Netsky may nestle itself in your system using rookit tactics to keep from being detected. Zhelatin.DAM may add your computer to an IRC botnet, and Zhelatin.DAM will harvest email addresses from your computer and spam itself as an attachment to your contacts.

Read more about Zhelatin.DAM »

Worm.NetSky or Netsky Virus is malware sometimes classified as a worm and virus. Worm.Netsky or Netsky Virus spreads itself through email. When you’re infected with Worm.Netsky/Netsky Virus, Netsky may nestle itself in your registry so that it launches every time you boot up your computer. Netsky duplicates its processes in your system, so that if you delete one Netsky processes the other may function. Worm.Netsky/Netsky Virus will harvest email addresses from your computer and automatically mail itself as an attachment to your contacts. Worm.Netsky/Netsky Virus may also open a backdoor security hole in your PC, so that an anonymous attacker may silently command your PC. It’s recommended your delete Netsky immediately.

Read more about Worm.Netsky (or Netsky Virus) »

Pykse is new malware reportedly targeting popular Internet calling software Skype. Pykse, said to be a worm though it requires some interaction from users, Skypes messages of links to contacts reaped from an infected PC. Pykse’s Skype messages link to a picture of barely dressed woman, which is displayed while Pykse downloads and installs itself onto a user’s computer. Once Pykse is installed, it may lodge in your registry system and create browser helper objects (BHO) so that it launches at your systems start up. Pykse may then set your Skype status to “Do Not Disturb” so you won’t receive incoming messages while it attemps to infect other users and visit websites.

Read more about Pykse Skype Worm »

Stration Worm is a worm that may block your security software, including your antivirus software, firewalls, and more. Stration Worm may also cause Internet Explorer web browser errors, block your using Registry Editor, stop you from saving on NotePad, and download other malware from the Internet. Stration Worm may use your ICQ without your knowledge to infect other computers by sending them links to download Stration Worm. Your computer becomes infected when you click this link and download Stration Worm. Once Stration Worm has infected your computer, the worm may copy itself to your Windows System folder and create files so that it is launched every time you startup your system. When you’re infected with Stration Worm, it’s recommended you delete it immediately.

Read more about Stration Worm »

MSNMaker is a worm that spreads through your MSN Messenger. When you’re infected with MSNMaker, the worm may replace MSN Messenger’s executable file (msnmsgr.exe) with a copy of itself, and then rename itself msn.exe. A remote attacker may then use MSNMaker to take command of your computer, using your MSN Messenger now to capture messages you receive and send, launch websites, send popup messages, disable your message abilities, log you off from MSN Messenger, change your display name on MSN Messenger, and more. MSNMaker worm may arrive as a file sent by a remote attacker via MSN Messenger, or MSNMaker worm may be downloaded from a URL, http://www.pictu[BLOCKED]entre.com/MsnTricker.zip. MSNMaker is also known as BKDR_MSNMaker.B and W32/MSNMaker.B. When you’re infected with MSNMaker, it’s recommended you delete the worm immediately.

Read more about MSNMaker »

Worm.Semail is a worm that may change your Internet Explorer home page and error pages, and launch popup ads. Worm.Semail may change your HOSTS file to keep you from visiting certain Microsoft websites. Worm.Semail may try to infect other computers by emailing itself to addresses in your Outlook addressbook. Worm.Semail may have infected your computer this way, as an email attachment, or Worm.Semail may have infected your PC through security exploits or via a bundle of other malware. When you’re infected with Worm.Semail, it’s recommended you delete Worm.Semail immediately.

Read more about Worm.Semail »

Conycspa is a mass mailer that may download and install adware, malware, and dialers onto your computer. Conycspa may email itself to all of your addresses in your Outlook address book, which is how you may have been infected. Conycspa may secretly install itself onto your system, making Conycspa difficult to manually detect and remove.

Read more about Conycspa »

Worm.Doombot is a worm that may replicate itself and infect your computer through email attachments. Worm.Doombot may intentionally disable your anti-virus software, and may allow an anonymous attacker remote access to your system via an IRC backdoor. Doombot may attempt to email itself as attachment to all email addresses it finds on your PC, and Doombot may also spread itself through instant messanger applications. Doombot may also be known as Mytob.NK and Foundu-A.

Read more about Worm.Doombot »