Skulls.B
This malware was reported by: F-Secure
Skulls.B is a variant of SymbOS/Skulls.A trojan, which has
similar functionality to the Skulls.A but uses different files.
Skulls.B is a malicious SIS file trojan that will replace the system
applications with non-functional versions and drops SymbO
Heuristic
This malware was reported by: F-Secure
Troj/Banker-AN
This malware was reported by: Sophos
W32/Agobot-OD
This malware was reported by: Sophos
W32.Setclo
This malware was reported by: Symantec
W32.Setclo is a worm that propagates by copying itself to any open network shares it locates.
Troj/Dloader-EP
This malware was reported by: Sophos
W32/Anzae-C
This malware was reported by: Sophos
W32/Mugly.a@MM
This malware was reported by: Network Associates Inc
At least 2 variants of this email worm were discovered today. The worm spreads as an email attachment, such as:
From:
spoofed
Subject (one of the following):
You have an Admirer
Your Pic On A Website!!
Rate My Pic.......
Hh
Inzae.A
This malware was reported by: Computer Associates
Win32.Inzae.A is a worm that spreads via e-mail. Due to bugs in its code, it may fail to function on many systems and hence is unlikely to spread successful
W32/Mugly.b@MM
This malware was reported by: Network Associates Inc
At least 2 variants of this email worm were discovered today. The worm spreads as an email attachment, such as:
From:
spoofed
Subject (one of the following):
You have an Admirer
Your Pic On A Website!!
Rate My Pic.......
Hh
Symb/Cabir-B
This malware was reported by: Sophos
W32/Tibick-A
This malware was reported by: Sophos
SymbOS/Skulls.a
This malware was reported by: Network Associates Inc
SymbOS/Skulls.b
This malware was reported by: Network Associates Inc
Mugly.A
This malware was reported by: Panda Software
Mugly.A is a worm that drops and executes other worm, detected by Panda Software as W32/Gaobot.BXG.worm.Mugly.A spreads via e-mail in a message with variable characteristics, which always contains an attached file called ATTACHED.ZIP.
Jabbit.A
This malware was reported by: Panda Software
Jabbit.A is a virus that infects the HTML files that are located in the directory where it is run. It also creates copies of itself in the Favorites folder, and makes all the links in this folder to point to the virus, so that it will be run whenever the
Tool-Tpatch
This malware was reported by: Network Associates Inc
HTML_IFRAMEBOF.B
This malware was reported by: Trendmicro
Yanz.A
This malware was reported by: Computer Associates
Win32.Yanz.A is a worm that spreads via e-mail and P2P file sharing networks. It has been distributed as a 68,608-byte, UPX-packed, Win32 executable.
W32.Salga.A@mm
This malware was reported by: Symantec
W32.Salga.A@mm is a mass-mailing worm that uses Microsoft Outlook to send itself to all the email addresses that it finds in the Outlook address book. The worm also attempts to spread through mIRC, file-sharing networks, and network shares.
PWSteal.Tarno.K
This malware was reported by: Symantec
PWSteal.Tarno.K is a Trojan horse program that attempts to steal passwords and log information entered into Web forms.
Trojan.Matrixscreen
This malware was reported by: Symantec
Trojan.Matrixscreen is a Trojan horse program that performs a Denial of Service (DoS) attack on a third party Web site, and uses a significant amount of bandwidth and resources on an infected computer.
W32/Wurmark-A
This malware was reported by: Sophos
W32/Delf-IV
This malware was reported by: Sophos
JS/Spawn-C
This malware was reported by: Sophos
SymbOS.Skulls.B
This malware was reported by: Symantec
SymbOS.Skulls.B is a Trojan horse that replaces the system files on Symbian series 60 devices, causing application icons to be replaced with the default system icon, and preventing many applications from functioning.
The Trojan also installs SymbOS.C
pcAudit
This malware was reported by: Panda Software
pcAudit is a spyware program, which is developed by a private company in order to test the security level in a computer. It simulates the attack by a hacker, and attempts to send data to a server. If pcAudit is successful, it supposedly means that the co
Dialer-212
This malware was reported by: Network Associates Inc
PWS-Banker.d
This malware was reported by: Network Associates Inc
W32.Mugly.B@mm
This malware was reported by: Symantec
W32.Mugly.B@mm is a worm that uses its own SMTP engine to spread by sending itself as an email attachment to addresses gathered from the infected computer. It also drops and runs a W32.Spybot.Worm variant, and may attempt to open a back door on the infec
Skulls.B
This malware was reported by: Panda Software
Skulls.B is a Trojan that only affects cellular phones that use the operating system Symbian. Initially, it aims Nokia 7610 cellphones, but other devices based in the same software could also be affected.Skulls.B changes all the icons into another icon b
W32.Aidid
This malware was reported by: Symantec
W32.Aidid is a virus that overwrites all files in the A drive with a copy of itself.
JS.Kidrash
This malware was reported by: Symantec
JS.Kidrash is a Java Script program that adds random garbage data to .html and .js files.
WORM_MUGLY.A
This malware was reported by: Trendmicro
This worm arrives on a system as an attachment to an email message with the following characteristics:
Crack-PCV
This malware was reported by: Network Associates Inc
QLowZones-2.gen
This malware was reported by: Network Associates Inc
QLowZones-1
This malware was reported by: Network Associates Inc
QLowZones-7.gen
This malware was reported by: Network Associates Inc
MS Vulnerability MS04-040
This malware was reported by: Network Associates Inc
QLowZones-5
This malware was reported by: Network Associates Inc
QLowZones-3
This malware was reported by: Network Associates Inc
QLowZones-6
This malware was reported by: Network Associates Inc
QLowZones-4
This malware was reported by: Network Associates Inc
W32/Anzae.worm.gen
This malware was reported by: Network Associates Inc
This is a generic detection for the W32/Anzae.worm family of viruses.
These are mass-mailing worms which may exhibit the following characteristics:
contains its own SMTP engine to construct outgoing messages
the From: address of message
WORM_BIZEX.A
This malware was reported by: Trendmicro
This memory-resident worm spreads through a link that is sent via ICQ. The link redirects a user to a specific malicious Web site, where it downloads several files to be executed on a system.
Wurmark.A
This malware was reported by: Computer Associates
Win32.Wurmark.A is a worm that spreads via e-mail. It also carries a variant of the Win32.Rbot family of worms. It is distributed as a 423,814-byte, MEW-pac
Zlob.B
This malware was reported by: Computer Associates
Win32.Zlob.B is a downloading trojan that modifies Internet Explorer settings.
Orpheus.A
This malware was reported by: Computer Associates
Win32.Orpheus.A is a worm that spreads via network shares and contains backdoor functionality that allows unauthorized access to a compromised machine.
Mydoom.M
This malware was reported by: Computer Associates
Win32.Mydoom.M is a worm that spreads via e-mail. It has been distributed as a 29,005-byte, FSG-packed Win32 executable. It also has limited backdoor functi
Korgo.N
This malware was reported by: Computer Associates
Win32.Korgo.N is a worm that spreads by exploiting the Microsoft Windows LSASS buffer overflow vulnerability. It also opens a backdoor that allows unauthori
Korgo.P
This malware was reported by: Computer Associates
Win32.Korgo.P is a worm that spreads by exploiting the Microsoft Windows LSASS buffer overflow vulnerability. It also opens a backdoor that allows unauthori
Mitglieder.BG
This malware was reported by: Computer Associates
Mitglieder.BG is a backdoor trojan that can act as a socks proxy, as well as allowing limited control of an infected machine through the use of non-standard
Tibick.B
This malware was reported by: Computer Associates
Win32.Tibick.B is a worm that spreads via Peer-to-Peer file sharing networks. It also contains limited backdoor functionality that allows its controller to
Fuzzorin
This malware was reported by: Computer Associates
Win32.Fuzzorin is a backdoor trojan. It has been distributed as a UPX-packed, Win32 executable. Variants of this trojan reported to Computer Associates have
W32/Agobot-OH
This malware was reported by: Sophos
W32/Sality-H
This malware was reported by: Sophos
StartPage-FB
This malware was reported by: Network Associates Inc
MS04-040_INTERNET_EXPLORER
This malware was reported by: Trendmicro
This security update addresses and resolves a vulnerability in Internet Explorer that could allow remote code execution.
StartPage-FP
This malware was reported by: Network Associates Inc
Downloader-JS
This malware was reported by: Network Associates Inc
SYMBOS_SKULLS.B
This malware was reported by: Trendmicro
This Trojan affects mobile devices running the Symbian operating system. It disables the applications of infected phones and changes the icon of each application into a specific image. It usually arrives as an installation package with the file name ICONS
W32/Agobot-OL
This malware was reported by: Sophos
W32/Netsky-AE
This malware was reported by: Sophos
W32.Mugly.A@mm
This malware was reported by: Symantec
W32.Mugly.A@mm is a worm that uses its own SMTP engine to spread by sending itself as an email attachment to the email addresses gathered from the infected computer. It also drops and runs a W32.Spybot.Worm variant, and may attempt to open a backdoor on
Proxy-OSS.dll
This malware was reported by: Network Associates Inc
Adware-WinAd
This malware was reported by: Network Associates Inc
WORM_RBOT.ADD
This malware was reported by: Trendmicro
This worm spreads via network shares. It uses the account of the currently logged on user on a system to access remote systems. It also uses a hardcoded list of user names and passwords apart from those it gathers. It then drops copies of itself in networ
W32/Rbot-QX
This malware was reported by: Sophos
Troj/Bancban-AH
This malware was reported by: Sophos
W32.Netsky.Z@mm!enc
This malware was reported by: Symantec
W32.Netsky.Z@mm!enc is an .enc detection for MIME-encoded files that contain the W32.Netsky.Z@mm worm.
W32/Atak.d@MM
This malware was reported by: Network Associates Inc
Proactive detection
This variant is detected exactly as W32/Atak.gen@MM
by McAfee products running the 4380 DATs or later (release date Aug 2nd 2004).
The worm bears the following characteristics:
harvests email addresses from the v
W32/Keco.worm.gen
This malware was reported by: Network Associates Inc
Atak.D
This malware was reported by: Panda Software
Atak.D is a worm without damaging effects that spreads via e-mail in a message with variable characteristics.
W32/Atak.D@mm
This malware was reported by: F-Secure
A new variant of the Atak worm was found on Friday 3rd of December.
Atak is a simple massmailer worm.
W32/Sdbot-RU
This malware was reported by: Sophos
W32/Forbot-CW
This malware was reported by: Sophos
WORM_ATAK.D
This malware was reported by: Trendmicro
This mass-mailing worm uses its own Simple Mail Transfer Protocol (SMTP) engine to spread via email. This engine enables it to spread without using other email applications. System administrators can check their mail servers for congestion and can block t
W32.Atak.B@mm
This malware was reported by: Symantec
W32.Atak.B@mm is a mass-mailing worm that uses its own SMTP engine to send its messages to the email addresses it gathers from certain files on a compromised computer.
Trojan.Wlogo
This malware was reported by: Symantec
Trojan.Wlogo exploits the Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability (described in the Microsoft Security Bulletin MS04-040) to download and execute a remote file.
W32.Beagle@mm!enc
This malware was reported by: Symantec
W32.Beagle@mm!enc is an .enc detection for MIME-encoded files that contain the W32.Beagle family of mass-mailing worms.
W32/Rbot-RC
This malware was reported by: Sophos
Troj/Banker-AN
This malware was reported by: Sophos
Atak.D
This malware was reported by: Computer Associates
Win32.Atak.D is a worm that spreads via e-mail. It has been distributed as a 12,037-byte, FSG-packed Win32 executable.
Trojan.Frutca
This malware was reported by: Symantec
Trojan.Frutca is a Trojan horse program that hides files on the compromised computer and sends information to a remote server.
W32/Atak-E
This malware was reported by: Sophos
Troj/Dloader-EP
This malware was reported by: Sophos
Downloader-SU
This malware was reported by: Network Associates Inc
W32/Atak.e@MM
This malware was reported by: Network Associates Inc
This new variant of W32/Atak bears the following characteristics:
harvests email addresses from the victim machine
spoofs the From: address
constructs messages using its own SMTP engine
The worm is packed with FSG.
Top of
W32/Rbot-RE
This malware was reported by: Sophos
Symb/Cabir-B
This malware was reported by: Sophos
Troj/Agent-BF
This malware was reported by: Sophos
W32/Wurmark-A
This malware was reported by: Sophos
Yanz.B
This malware was reported by: Computer Associates
Win32.Yanz.B is a worm that spreads via email and P2P file sharing networks. It has been distributed as a 122,880-byte, UPX-packed, Win32 executable.
W32/Rbot-RF
This malware was reported by: Sophos
Mugly.B
This malware was reported by: Computer Associates
Win32.Mugly.B is a worm that spreads via e-mail. It also carries a variant of the Win32.Rbot family of worms. It is distributed as a 423,814-byte, MEW-packe
Troj/Banker-BG
This malware was reported by: Sophos
W32/Agobot-OH
This malware was reported by: Sophos
Atak.E
This malware was reported by: Panda Software
Atak.E is a worm without damaging effects that spreads via e-mail in a message with variable characteristics.
W32/SirCam@MM
This malware was reported by: Network Associates Inc
W32.Atak.E@mm
This malware was reported by: Symantec
W32.Atak.E@mm is a mass-mailing worm that uses its own SMTP engine to send a copy of itself as an attachment to the email addresses it gathers from files on the compromised computer.