Worm.Python.Agent

Posted: July 15, 2017
Threat Metric
Threat Level: 5/10
Infected PCs 4,368

Worm.Python.Agent Description


Worm.Python.Agent is a generic description that antivirus vendors use to categorize unknown threats that have displayed Worm-like behavior, and are written in the Python programming language. The main characteristic of computer worms is the fact that they are able to distribute themselves by injecting their payload in the victim's file automatically, or by dropping their components on removable storage devices. In other scenarios, threats detected as 'Worm.Python.Agent' may be able to access and infect shared network drives, therefore increasing the odds that other users on the same network may end up being infected.

Often, this detection might signal that your system is infected by a Trojan Backdoor that exhibits Worm-like behavior. Needless to say, this is a major issue since it poses a huge security threat – these backdoors might enable attackers to spy on you, collect files, and manipulate your computer in all kinds of way. In the meantime, the Worm module ensures that you might unknowingly infect the computers of friends and colleagues.

Recently, threats detected as 'Worm.Python.Agent' have been distributed online with the help of fraudulent email messages that claim to contain important data and updates about the Corona virus outbreak. We advise you to be extra careful about such emails, especially if they do not come from a trustworthy source.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Worm.Python.Agent may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



C:\Users\4918~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\WinSecure.exe File name: WinSecure.exe
Size: 5.77 MB (5777427 bytes)
MD5: 0bcf08501969a9bbc7e7c2e32fd90a19
Detection count: 237
File type: Executable File
Mime Type: unknown/exe
Path: C:\Users\4918~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\
Group: Malware file
Last Updated: September 18, 2020
C:\Users\PHONG KINH DOANH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UniKeyNT.exe File name: UniKeyNT.exe
Size: 5.2 MB (5207521 bytes)
MD5: 06ec1068e97bd182015967e801f4e159
Detection count: 98
File type: Executable File
Mime Type: unknown/exe
Path: C:\Users\PHONG KINH DOANH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Group: Malware file
Last Updated: August 15, 2020
%SYSTEMDRIVE%\users\hp\appdata\roaming\microsoft\windows\start menu\programs\startup\schosts.exe File name: schosts.exe
Size: 3.24 MB (3248021 bytes)
MD5: 64b5f069ad77135e06c82f2ff9307269
Detection count: 19
File type: Executable File
Mime Type: unknown/exe
Path: %SYSTEMDRIVE%\users\hp\appdata\roaming\microsoft\windows\start menu\programs\startup\
Group: Malware file
Last Updated: August 18, 2020

Registry Modifications


The following newly produced Registry Values are:

Regexp file mask%HOMEDRIVE%\boots\syswin.exe
Home Malware Programs Worms Worm.Python.Agent

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.