W32.Myfip.A
This malware was reported by: Symantec
WORM_AMUS.A
This malware was reported by: Trendmicro
WORM_SAROS.A
This malware was reported by: Trendmicro
WINCE_BRADOR.A
This malware was reported by: Trendmicro
Backdoor.Brador.A
This malware was reported by: Symantec
Backdoor.Futh
This malware was reported by: Symantec
Amus.A
This malware was reported by: Panda Software
Adware-Searchcentrix
This malware was reported by: Network Associates Inc
WinCE/BackDoor-CHK
This malware was reported by: Network Associates Inc
W32/Backdoor-CFB
This malware was reported by: Network Associates Inc
This detection covers an actively infected system, where memory is being scanned by VirusScan. The process EXPLORER.EXE will be reported as the infected process (this is not to say that the file EXPLORER.EXE itself is infected). This detec
Brador
This malware was reported by: F-Secure
Amus.A
This malware was reported by: F-Secure
Lovgate.AV
This malware was reported by: Computer Associates
Lovgate.AV is a worm that spreads via e-mail, network shares, exploitation of a Windows RPCSS vulnerability (MS03-039) and the Kazaa file sharing network. I
Frear.A
This malware was reported by: Computer Associates
Win32.Frear.A is a worm that attempts to spread via e-mail, peer-to-peer file sharing networks and by overwriting executables with its own code. This worm h
Saros.A
This malware was reported by: Computer Associates
Win32.Saros.A is a worm spreading through e-mail, mIRC and peer-to-peer (P2P) networks.The worm has been distributed as a 60,014-byte encrypted Win32 PE fil
Sndc.A
This malware was reported by: Computer Associates
Win32.Sndc.A is a worm that spreads via Peer-to-Peer file sharing networks. It also contains backdoor functionality that allows unauthorized access to an af
Reign.V
This malware was reported by: Computer Associates
Win32.Reign.V is a backdoor trojan that allows unauthorized access to an affected machine.
Lovgate.AW
This malware was reported by: Computer Associates
Lovgate.AW is a worm that spreads via e-mail, network shares, and the Kazaa file sharing network. It may be distributed stored inside an archive file and it
Daqa.C
This malware was reported by: Computer Associates
Win32.Daqa.C is a trojan that contains limited backdoor functionality to allow unauthorized access to an affected machine. Its ultimate intention, however,
Daqa.B
This malware was reported by: Computer Associates
W32/Gobot-C
This malware was reported by: Sophos
Brador.A
This malware was reported by: Panda Software
Brador.A is a backdoor that only affects PDA (Personal Digital Assistant) devices with a Windows CE (Pocket PC versions 2000, 2002 and 2003) operating system installed.Brador.A opens a port and sends an e-mail message to its author in order to notify tha
Troj/Brador-A
This malware was reported by: Sophos
W32/Myfip.worm
This malware was reported by: Network Associates Inc
Saros.A
This malware was reported by: F-Secure
The Saros worm was found on 5th of August 2004. This very simple worm
will copy itself to predetermined locations and attempt to spread through
diverse media such as P2P networks and IRC.
Amus.A
This malware was reported by: Computer Associates
Amus.A is a worm spreading via e-mail. The worm has been distributed as a 51,782-byte encrypted Win32 PE file.
W32/MyDoom-R
This malware was reported by: Sophos
W32/Agobot-LT
This malware was reported by: Sophos
W32/Sdbot-LU
This malware was reported by: Sophos
WORM_SDBOT.LD
This malware was reported by: Trendmicro
This worm propagates via network shares. It scans for these shares using random IP addresses and drops a copy of itself on target systems. It also uses a list of user names and passwords to log on to a target machine.
W32.Lovgate.AN@mm
This malware was reported by: Symantec
W32.Lovgate.AN@mm is a mass-mailing worm that propagates through open network shares and prepends itself to .exe files.
The email has a variable subject and attachment name, with an .exe, .pif, or .scr file extension.
W32.Amus.A@mm
This malware was reported by: Symantec
W32.Amus.A@mm is a mass-mailing worm that sends email with the subject "Listen and Smile" and the attachment "Masum.exe."
W32/Mydoom.r@MM
This malware was reported by: Network Associates Inc
This new variant bears the following characteristics:
contains its own SMTP engine for constructing messages
harvests target email addresses from the victim machine
forges the From: header of outgoing messages
downloads a file from a rem
Mhtredir.gen
This malware was reported by: Panda Software
Troj/Padodor-L
This malware was reported by: Sophos
W32/Rbot-FQ
This malware was reported by: Sophos
Bagle.AL
This malware was reported by: F-Secure
This Bagle variant was spammed widely on 9th of August, 2004.
Like other Bagle variants, it sends emails with infected
attachments. Typically the email attachment has a name like
new_price.zip, price_new.zip, price_08.zip etc.
Bagle.AG
This malware was reported by: Computer Associates
Win32.Bagle.AG is a worm that spreads via e-mail and file sharing networks. The worm has been distributed as a 19,460-byte, PEX-compressed Win32 executable.
Trojan.StartPage.G
This malware was reported by: Symantec
Trojan.StartPage.G is a Trojan horse that downloads and runs an executable and attempts to change the Internet Explorer home page.
Trojan.StartPage.F
This malware was reported by: Symantec
Trojan.StartPage.F is a program that changes the home page of Internet Explorer and installs a Browser Helper Object.
W32/Bagle-AQ
This malware was reported by: Sophos
WORM_BAGLE.AC
This malware was reported by: Trendmicro
As of August 9, 2004, 11:30 AM (GMT -07:00; Daylight Saving Time), TrendLabs has declared a YELLOW alert to control the spread of this BAGLE variant. Several infection reports indicate that it has been propagating rapidly in the United States.
HTML_BAGLE.AC
This malware was reported by: Trendmicro
This malicious HTML script arrives packaged with PRICE.EXE (detected by Trend Micro as TROJ_BAGLE.AC), which comes as an attachment in an email sent by WORM_BAGLE.AC.
TROJ_BAGLE.AC
This malware was reported by: Trendmicro
This memory-resident Trojan arrives attached on email sent out by WORM_BAGLE.AC. It is packaged within a .ZIP file along with HTML_BAGLE.AC, which is designed to execute it automatically on infected systems.
WORM_MYDOOM.R
This malware was reported by: Trendmicro
Like earlier MYDOOM variants, this memory-resident worm spreads copies of itself via email. It uses its own Simple Mail Transfer Protocol (SMTP) engine to generate email messages that it sends to its target receipients. It gathers its target email address
W32.Beagle.AO@mm
This malware was reported by: Symantec
Bagle.AM
This malware was reported by: Panda Software
Bagle.AM is a worm that opens a TCP port and listens to it, allowing an attacking user to remotely access the affected computer. It also ends processes belonging to several antivirus update programs, among other applications.Bagle.AM spreads via e-mail,
W32/Bagle.aq@MM
This malware was reported by: Network Associates Inc
W32/Bagle.aq!zip
This malware was reported by: Network Associates Inc
This detection covers ZIP files mailed out by the W32/Bagle.aq@MM virus. For more information, see:
http://vil.nai.com/vil/content/v_127423.htm
Top of Page
JS/IllWill
This malware was reported by: Network Associates Inc
Reign.W
This malware was reported by: Computer Associates
Win32.Reign.W is a backdoor trojan that allows unauthorized access to an affected machine.
Cali.A
This malware was reported by: F-Secure
W32/Agobot-ZX
This malware was reported by: Sophos
W32/Cali@MM
This malware was reported by: Network Associates Inc
This new mass-mailing worm is packed multiple times. It constructs email messages using its own SMTP engine and is sent using MAPI addressing.
Email addresses are harvested from files on the infected machine. The worm ignores addresses fro
Brador.A
This malware was reported by: Computer Associates
WinCE.Brador.A is a backdoor that runs on the Microsoft Windows CE (Pocket PC) platform. It only runs on Pocket PC devices with ARM processors.
EPOC/QDial26
This malware was reported by: Network Associates Inc
W32/Cali-A
This malware was reported by: Sophos
SymbOS/QDial26
This malware was reported by: Network Associates Inc
MS Vulnerability MS04-026
This malware was reported by: Network Associates Inc
W32.Mydoom.P@mm
This malware was reported by: Symantec
W32.Mydoom.P@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses that it finds on an infected computer. The email contains a spoofed From address. The subject and message body vary, and the attachment has a .bat,
W32/Neveg.b@MM
This malware was reported by: Network Associates Inc
This new mass-mailing worm is packed multiple times. It constructs email messages using its own SMTP engine and is sent using MAPI addressing.
Email addresses are harvested from files on the infected machine. The worm ignores addresses fro
StartPage-EH
This malware was reported by: Network Associates Inc
Evaman.C
This malware was reported by: Panda Software
Evaman.C is a worm without damaging effects that spreads via e-mail, in a message that seems to be returned to sender because of a false error.Evaman.C checks every 5 seconds if certain processes are active in memory. If successful, Evaman.C ends them.Ev
W32/Agobot-LX
This malware was reported by: Sophos
Mquito
This malware was reported by: F-Secure
Troj/Mosqit-A
This malware was reported by: Sophos
Backdoor.Beasty.I
This malware was reported by: Symantec
Backdoor.Beasty.I is a backdoor Trojan horse that allows an attacker complete access to an infected computer. The Trojan listens on TCP port 9999 and notifies the attacker through ICQ.
W32/Annil-G
This malware was reported by: Sophos
WORM_LOVGATE.E
This malware was reported by: Trendmicro
This worm propagates via network shares and email. Upon execution, it drops multiple copies of itself. It also drops .DLL files associated with WORM_LOVGATE.Q.
W32.Tibick
This malware was reported by: Symantec
W32.Tibick is a worm that propagates through file-sharing networks. This worm also connects to an IRC channel and listens for messages from the attacker.
Trojan.Boxed.E
This malware was reported by: Symantec
Trojan.Boxed.E is a Trojan horse that performs a Denial of Service (DoS) attack on certain Web sites. DoS attacks are used to deny legitimate users access to a Web site.
PE_LOVGATE.E
This malware was reported by: Trendmicro
This memory-resident file infector usually arrives as the dropped component of WORM_LOVGATE.E . It executes the file infection routines of the said malware.
W32/Agobot-MA
This malware was reported by: Sophos
SYMBOS_QDIAL.A
This malware was reported by: Trendmicro
This Trojan on a phone is a cracked version of the Mosquitos game, which runs on phones using the Symbian Series 60 Platform.
Toquimos.A
This malware was reported by: Panda Software
Toquimos.A is a Trojan that only affects Nokia series 60 cell phones.Toquimos.A is a cracked version of a game for those cell phones. Once it is run, the program checks if the game has been cracked.If so, an special payload, which was included in the ori
StartPage-EM
This malware was reported by: Network Associates Inc
Keylog-Melcarr
This malware was reported by: Network Associates Inc
Leritand.B
This malware was reported by: Panda Software
Leritand.B is a Trojan that changes the prefix of the web addresses that begin with www, thus redirecting them to a website that opens the original web address intended by the user, who does not notice any abnormal behaviour. Though this redirection does
Leritand.A
This malware was reported by: Panda Software
Leritand.A is a Trojan that changes the prefix of the web addresses that begin with www, thus redirecting them to a website that opens the original web address intended by the user, who does not notice any abnormal behaviour. Though this redirection does
Leritand.C
This malware was reported by: Panda Software
Leritand.C is a Trojan that changes the prefix of the web addresses that begin with www, thus redirecting them to a website that opens the original web address intended by the user, who does not notice any abnormal behaviour. Though this redirection does
Bat/qd252
This malware was reported by: Network Associates Inc
Troj/Iefeat-K
This malware was reported by: Sophos
Bagle
This malware was reported by: F-Secure
JS/Zerolin
This malware was reported by: Network Associates Inc
Mydoom.R
This malware was reported by: Computer Associates
Win32.Mydoom.R is a worm that spreads via e-mail. The worm has been distributed as a UPX-packed Win32 executable and may be included in a ZIP archive.
Trojan.Nullpos
This malware was reported by: Symantec
Trojan.Nullpos is a Trojan horse program that modifies the screen saver settings to display a message written in Japanese. It also moves all the desktop icons to the "My Document" folder. The Trojan spreads using the Winny file-sharing network.
W32/Saros-A
This malware was reported by: Sophos
W32/Sdbot-MH
This malware was reported by: Sophos
W32/Rbot-FV
This malware was reported by: Sophos
W32/Rbot-FY
This malware was reported by: Sophos
Trojan.Cargao.B
This malware was reported by: Symantec
Trojan.Cargao.B is a Trojan horse program that sends an email to all the addresses that it finds in the Microsoft Outlook address book. It also downloads and runs executable files from the Internet.
WORM_RATOS.A
This malware was reported by: Trendmicro
TrendLabs HQ received several reports from Japan, Korea, China and the USA of this worm spreading via email. To control the spread of this worm, TrendLabs has declared a YELLOW alert as of August 16, 2004, 12:10 AM (GMT -7:00; Daylight Saving Time).
W32/Mydoom.s@MM
This malware was reported by: Network Associates Inc
-- Update August 15, 2004 --
The risk assessment of this threat was deemed Medium due to prevalence.
If you think that you may be infected with W32/Mydoom.s@MM, and are unsure how to check your system, you may
download the Stinger to
MultiDropper-KG
This malware was reported by: Network Associates Inc
W32/MyDoom-S
This malware was reported by: Sophos
Mydoom.R
This malware was reported by: Panda Software
Mydoom.R is a worm that opens several ports and listens to them. It allows hackers to remotely access the computer, in order to carry out actions that compromise user confidentiality or impede the tasks performed.Additionally, Mydoom.R prevents the user
MyDoom.S
This malware was reported by: F-Secure
A new variant of MyDoom worm - Mydoom.S, was found on
August 16th, 2004. The worm spreads like its previous variants.
NetSky.C
This malware was reported by: F-Secure
Netsky.C (also known as Moodown.C) worm was found on 25th of
February 2004. This variant has been improved comparing to
previous variants of the worm. Netsky.C spreads itself in e-mails
inside a ZIP archive or as an executable attachment. It also
copi
MultiDropper-GP.e
This malware was reported by: Network Associates Inc
BackDoor-CHR
This malware was reported by: Network Associates Inc