The worm spreads by copying itself to hard drives and removable drives. Once these drives are connected to another computer, the worm will then copy itself to those drives and spread further.

On infected computers, the worm will copy itself to a file with a name similar to 10.1.08.exe. The worm will also drop an autorun.inf file, so that it can be executed and it will create various registry entries.

After rebooting, there will be a flashing dot that appears around the mouse cursor. This is a tell tale sign of infection.

Scan and remove W32.Redlofs

The Federal Trade Commission filed a complaint (PDF) against Florida-based CyberSpy Software on November 5, alleging the company has violated the FTC Act by selling software that can be deployed remotely by someone other than the owner or authorized user of a computer, can be installed without the owner’s knowledge, and can used to surreptitiously collect and disclose personal information.

Defendants touted RemoteSpy as a “100% undetectable” way to “Spy on Anyone. From Anywhere.” According to the FTC complaint, the defendants violated the FTC Act by engaging in the unfair advertising and selling of software that could be:

1. deployed remotely by someone other than the owner or authorized user of a computer;
2. installed without the knowledge and consent of the owner or authorized user; and
3. used to surreptitiously collect and disclose personal information.

On infected computers, the worm will copy itself to a file called “sbsb.exe”.  The worm will also create numerous registry entries and will attempt to download files from remote locations. The remote files downloaded may contain further malware.

Always run a regular anti-spyware and anti-virus scan on your pc.

Scan and remove W32.Sigougou now

When a computer is infected, the trojan will add registry entries as well as adding a program “retadpu.exe” in the startup task list.

This trojan attempts to download more harmful malware onto infected systems. Once the additional malware is installed, the infected computer will experience huge problems.

Scan and remove Trojan.Retapu.D

The worm spreads via  drives and instant messaging programs. It can spread to removable or fixed storage drives and if these are connected to other computers it will then attempt to spread to those drives.

The worm will add various registry keys and files onto infected systems. It will then download files from a remote location. The worm will also stop certain processes running on the infected computer.

Scan and remove W32.Gaut.A

Spyware Doctor (from PC Tools) has been around for years and this product has won numerous awards. It has gone through many revisions over time, but is now one of the most solid spyware removers on the market.

Spyware Doctor is an advanced malware & spyware removal utility that detects, removes and protects your PC from thousands of potential spyware, adware, trojans, keyloggers, spybots and tracking threats. The threats database is updated all the time so you can feel pretty confident with this product. We have been using it recently and love it. The interface is simple, fast and can be used by anyone (regardless of technical experience or computer knowledge).

We have the privilege of providing a free trial link below, so give it a try!

Download Spyware Doctor

If you haven’t been running Microsoft updates, then you should do so immediately. Microsoft has recently released some critical security updates that address many of these recent issues.

The worm is spreading through networks and via peer to peer file sharing networks.  Once a computer is infected, the worm will create various registry entries and files as well as stopping certain key processes.

Once installed, the worm will then attempt to download other harmful malware onto the infected computer.

Scan and remove W32.kernelbot.A

Microsoft have been improving this product over the years and it’s now a pretty decent malware removal tool. It is compatible with Windows VIsta, Windows XP, Windows 2000 and Server 2003. It can remove all the most common malware and variants including: Blaster, Sasser, Mydoom etc.

The MSRT is also updated at least once a month with new definitions so you can expect that it will nail most of the latest nasties.

In the fight against malware, spyware and viruses, no one product can do the job completely, so you generally need at least 2-3 products to be completely protected. This product from Microsoft is free, so it is well worth the download and gives an added layer of protection.

You can get the MSRT download from the link below:

Get it here

The W32.Wecorl worm will copy itself to a .dat file and will also create several registry entries. Once a computer is infected, the worm will attempt to download files from various remote sites. These files will be saved to a temp folder. The worm also attempts to infect other computers on the network.

To avoid worms such as this, keep Windows automatic updates turned on and run a regular scan of your PC.

Scan and Remove W32.Wecorl

The trojan copies itself to the explorer.exe file. It will also create several registry keys and will start up every time explorer.exe starts.

As with all trojans, they have the ability to further install malware and allow for remote access to your computer. You should always keep your spyware and anti-virus programs up-to-date.

Scan and Remove Trojan.Mournor