Threat Description:
Worm.Win32.Passma (alias W32/Passma worm) is privacy-infringing malicious software that is able to do quite a bit of harm to the system it infiltrates. Worm.Win32.Passma propagates in several ways. One of these may be the use of spam Email that are sent by automated machines (bots) and come with contagious attachments. If you click one of those attached files you may unknowingly help hackers promote their nasty cyber offspring. Another method of Worm.Win32.Passma distribution (a more widespread one) is through security backdoors and small leaks in the targeted systems. The worm can easily make its way through such splits and find itself inside your Operating System without you knowing about that. When on board, Worm.Win32.Passma configures your OS to run some bad executables every time you log into Windows. This effect is achieved through some changes made to Windows Registry. These corrupt processes are Passma.exe and Servicemgr.exe, and they will determine the extent to which you can feel protected when using your machine.
Threat Description:
The sole fact that W32.Custam is a computer worm implies that it infiltrates computers without being noticed (and intercepted of course) and spreads instantly throughout the contaminated system by means of replicating itself. W32.Custam worm injects Windows Operating System and typically applies backdoor methods for that purpose. It finds and uses software vulnerabilities when intruding; another way of W32.Custam’s infiltration is removable media such as flash memory. Along with being really hard to detect, W32.Custam is also not simple to remove because, like we have mentioned, it creates copies of itself in different system locations. This means eliminating this worm from one spot will sure not stop the parasite from acting, so it takes a more complex approach to disinfect the computer system. Let’s now analyze the activity of W32.Custam when it’s running on your PC. It’s as simple as ABC for W32.Custam to set up a connection with an external server which is maintained by criminals. With the help of W32.Custam worm, these Internet fraudsters can hack into your system and get hold of the private data stored on your machine.
Threat Description:
Having W32.Palevo (alias Palevo worm) malware on your computer, you are likely to stumble upon some serious system malfunctions and get your privacy endangered. The bulk of W32.Palevo worm’s impact on a random Operating System is concentrated on your security protection, i.e. the antivirus software you have on board your PC. W32.Palevo tends to disable the usage of actual antivirus tools so that the removal procedure gets much aggravated. W32.Palevo spreads owing to shared networks and infected file attachments. So anyone is potentially exposed to the unannounced intrusion of this nasty infection. Unlike the vast majority of worms, W32.Palevo changes the Registry and therefore makes your system run malicious executables upon each startup. Along with this, W32.Palevo usually helps additional malware enter your computer without any particular obstacles. Another bad part of W32.Palevo nature consists in the fact that it populates the injected system with enormous speed through a sophisticated self-replication procedure.
Threat Description:
W32.Scrshotvid is a self-replicating computer worm that tends to propagate via removable media, or as a hidden component of downloaded files that seem harmless. The biggest risk arising from W32.Scrshotvid intrusion is that of privacy violation probability. This nefarious parasite is able to open security holes in the compromised system from the inside. These so-called backdoors will be used to further establish a stealthy connection with an external server which is hackers’ analytic center. Along with this obscure indirect influence, W32.Scrshotvid is as well capable of uploading dangerous files onto the targeted OS thus making the PC exposed to many other infections such as spyware, trojans, rogue antivirus tools etc. W32.Scrshotvid is sensitive to the stuff being typed by the infected PC’s user. It records these data and sends them to cyber criminals for further processing. These can be your credit card details, passwords and other personally identifiable information which is strictly private.
Rootkit.Win32.Agent.pp Description:
Rootkit.Win32.Agent.pp is a pseudo-infection being exploited by Malware Defense scareware in order to frighten its victims into buying the registered version of this nasty software product. Actually, Rootkit.Win32.Agent.pp is a real computer parasite that records a PC user’s keystrokes and transmits these data to a remote analytic center run by hackers. But in the framework of Malware Defense rogueware distribution schemes, Rootkit.Win32.Agent.pp is being exploited as just a scary-sounding puppet infection that is supposed to get people greatly alarmed and inclined to install whatever software is suggested – just to get rid of this virus. Malware Defense fake anti-spyware tends to trigger alerts like the one shown below, saying that Rootkit.Win32.Agent.pp worm has been intercepted on your PC and must be neutralized immediately
Worm.PoeBot.KY Description:
Worm.PoeBot.KY (also known as Virus/Win32.Virut.av or Backdoor:Win32/Poebot.BD) is a computer worm that spreads across PC networks using host system exploits and security vulnerabilities. Worm.PoeBot.KY establishes a hidden connection with an external server and drops its own executables into a phony Recycle Bin directory so as to disguise and hide inside the compromised Operating System. The above might sound a bit confusing but this precisely exemplifies the intricacy of malware applications nowadays. Sad to know, Worm.PoeBot.KY may perform the function of a keylogger that records the user’s typed symbols in order to send this private information to a remote IP. Worm.PoeBot.KY can also corrupt and distort the system files and vital processes running on the compromised system. Considering the fact that Worm.PoeBot.KY is a privacy hazard, it should be removed once intercepted on your PC.
Worm.Win32.NetSky Description:
If you happen to receive alerts about the detection of Worm.Win32.NetSky virus on your computer, you should realize that there’s something malicious going on inside your computer system. Trickily enough, the actual malware problem you are facing is not Worm.Win32.NetSky itself – it’s the counterfeit antivirus program that is to worry about. The spyware alerts allegedly reporting Worm.Win32.NetSky are being triggered by the dangerous rogue anti-spyware tool called Internet Security 2010 which has been in rotation for around 6 months now. When Internet Security 2010 secretly finds itself inside your computer, it tends to display fake spyware interception alerts like the one whose snapshot we’ve provided below. Please abstain from clicking any buttons on such fake warning messages or else you will unknowingly trigger an almost irrevocable procedure of scareware invasion of your machine.
Virus.Win32.Hala.a Description:
Virus.Win32.Hala.a is a PC parasite whose belonging to a particular malware category is being argued over, most IT experts being inclined to consider it a computer worm because it self-replicates and possesses some more corresponding characteristic features. However, Virus.Win32.Hala.a seems to have found itself a new application sphere lately – it’s being exploited as a scare application in the framework of distributing Additional Guard and other rogue anti-spyware programs belonging to the same family. Please, take a look at the screenshot below – it’s a Security Center Alert that mentions Virus.Win32.Hala.a as a virus that potentially threatens your PC security and must be blocked. You should bear in mind that such alert is a fake one which tries to make you install Windows Police Pro scareware. Hence, you don’t literally need to delete Virus.Win32.Hala.a infection; you should uninstall the malicious program that triggers fake ads like that.
Net-Worm.Win32.Mytob.t Description:
Net-Worm.Win32.Mytob.t is being actively used for paving the distribution paths of rogue anti-spyware. The snapshot below shows a fake warning message triggered by Windows Police Pro scareware application. As you can see, Net-Worm.Win32.Mytob.t is claimed to be a piece of suspicious software that contaminates computers running Windows OS; and it’s stated to have been detected on your computer. Actually, that’s just a trick applied by Windows Police Pro to scare you and make you believe you really have this odd PC worm on your machine. Having intimidated you this way, Windows Police Pro rogueware creators are hoping to win your trust and get you installing and buying the full commercial version of their scamware. Consequently, you should bear in mind that Net-Worm.Win32.Mytob.t alerts are misleading; that Security Center Alerts like the one below are not to be trusted; and last but not least – the messages about Net-Worm.Win32.Mytob.t being detected are a sign of Windows Police Pro fake anti-spyware invasion.
Backdoor.Win32.Hupigon Worm Description:
Backdoor.Win32.Hupigon (aka Backdoor.Win32.Hupigon.fixn or Hupigon.fixn) is a computer worm that infects one’s OS secretly and challenges the user’s privacy by stealing confidential information. That’s the encyclopaedic knowledge. However, Backdoor.Win32.Hupigon worm is known to have been lately exploited in the scareware campaign meant for pushing the rogue antivirus product called Windows Antivirus Pro. In this particular role, Backdoor.Win32.Hupigon is mentioned on deceptive alerts triggered by vundo trojans related to Windows Antivirus Pro malware. It’s the trojans that are responsible for triggering the false ads reading “Windows Antivirus Pro has denied internet access of the program”. Those bogus alerts blame Backdoor.Win32.Hupigon.fixn for compromising the user’s privacy through personal data theft and transmission to remote attackers. The two options available on Backdoor.Win32.Hupigon alerts are as follows: “Yes, Activated Windows Antivirus Pro” and “No, Activate later”.