14 DAY TRIAL // The Bropia surfaced two weeks ago and it's "A" variant disseminated itself by files claiming to be funny or lewd pictures with filenames such as love_me.pif, drunk_lol.pif and the like. At the time, F-Secure said that contacts were harvested from client machines by snooping on MSN windows using Windows hooks. Looks like variant "F", which is today's nuisance, is still Microsoft related and it chose to spread by MSN Messenger.
The worm tries to send copies of it in different filenames to all online contacts, pretending to be alluring images. You will be disappointed to find only a funny picture of a roasted chicken in a bikini!
The Worm_Bropia.F leaves a copy of itself in the Windows system folder, and then tries to propagate to other MSN Messenger users by sending a copy of itself under one of these filenames: Bedroom-thongs.pif, Hot.pif , LMAO.pif , LOL.scr Naked_drunk.pif, New_webcam.pif, ROFL.pif, Underwear. Pif and Webcam.pif. Information about removal you can find at Symantec
The potential for damage is quite high because it drops another worm on your machine that is quite nasty and can spread through network by taking advantage of unpatched desktops and servers.
If you receive a file that you are not expecting, even if it is from someone in your contacts list, don't open it because it is very possible that the file is being sent without your contact even knowing about it.
The second worm (agabot.ajc) does have the potential to perform a DDoS attack on certain services and it works with the same vulnerabilities that were exploited by infamous worms like Slammer, Blaster (MSBlast) and Sasser.