Lioten.GJ
This malware was reported by: Computer Associates
Win32.Lioten.GJ is worm that spreads via Windows file sharing, by exploiting weak passwords. It is also an IRC controlled backdoor, based on Win32.Sdbot tro

Winkeylogger.C
This malware was reported by: Computer Associates


QHosts-19
This malware was reported by: Network Associates Inc


Prutec.A
This malware was reported by: Computer Associates
Prutec.A is a trojan that downloads and installs various potentially unwanted applications. It has been distributed as a 44,544-byte, UPX-packed executable.

WORM_MASLAN.A
This malware was reported by: Trendmicro
This worm spreads by sending copies of itself as an email attachment. The email message it sends out has the following details:

StartPage-FC
This malware was reported by: Network Associates Inc


BackDoor-CLO
This malware was reported by: Network Associates Inc


WORM_ATAK.E
This malware was reported by: Trendmicro


Lemoor.B
This malware was reported by: Computer Associates
Lemoor.B is a 1,993-byte, FSG 2.0-packed worm that can only spread through machines already infected with Win32.Sasser variants.

StartPage-FL
This malware was reported by: Network Associates Inc


W32/Maslan-C
This malware was reported by: Sophos


W32/Agobot-OL
This malware was reported by: Sophos


BackDoor-CIE
This malware was reported by: Network Associates Inc


TrojanDropper.FakeSpamFighter
This malware was reported by: F-Secure


W32/Rbot-RJ
This malware was reported by: Sophos


W32/Rbot-QX
This malware was reported by: Sophos


Maslan.A
This malware was reported by: F-Secure
Maslan.A is a multi-component stealth worm that drops an IRC backdoor to a computer, it can steal personal data (spying component), organize a DoS (Denial of Service) attack, spread in e-mails and to remote computers by using the LSASS and DCOM exploi

W32.Maslan.A@mm
This malware was reported by: Symantec
W32.Maslan.A@mm is a mass-mailing worm that opens a back door and exploits system vulnerabilities on the compromised computer. The worm also steals passwords and uses rootkit techniques.

AdClicker-BP
This malware was reported by: Network Associates Inc


W32.Gaobot.BUU
This malware was reported by: Symantec


W32/Anig-C
This malware was reported by: Sophos


W32/Sdbot-RU
This malware was reported by: Sophos


KeyLog-Rumale
This malware was reported by: Network Associates Inc


KeyLog-MXX
This malware was reported by: Network Associates Inc


W32/Maslan.c@MM
This malware was reported by: Network Associates Inc
This worm propagates by mass-mailing itself to victims and spreading to machines via poorly secured shares or unpatched exploits. It bears the following characteristics: constructs messages using its own SMTP engine harvests target email

CabirDropper
This malware was reported by: F-Secure
Cabir.Dropper is Symbian installation file that will install Cabir.C and Cabir.D if executed. The original version of Cabir.Dropper is named Norton AntiVirus 2004 Professional.sis The Cabir files are installed into several directories with different

Cabir.D
This malware was reported by: F-Secure
Cabir.D is a minor variant of Cabir.B the only significant differences are that the Cabir.D displays different text on the start dialog when worm starts and that the Cabir.D spreads as [YUAN].SIS instead of Cabir.SIS. Cabir.C displays text "[

Cabir.C
This malware was reported by: F-Secure
Cabir.C is a minor variant of Cabir.B the only significant differences are that the Cabir.C displays different text on the start dialog when worm starts and that the Cabir.C spreads as MYTITI.SIS instead of Cabir.SIS. Cabir.C displays text "Myt

W32/Setclo-A
This malware was reported by: Sophos


W32/Rbot-RC
This malware was reported by: Sophos


BackDoor-BAC.dll
This malware was reported by: Network Associates Inc


W32/Bagle.bf@MM
This malware was reported by: Network Associates Inc
This virus is simply a repackaging of W32/Bagle.aa@MM .  It is not polymorphic and a static MD5 is not suitable as  garbage is always appended to the file.  The password protected zip component, the CPL component, as well as the VBScript c

QHosts-11.dr
This malware was reported by: Network Associates Inc


W32.Maslan.C@mm
This malware was reported by: Symantec
W32.Maslan.C@mm is a mass-mailing worm that opens a back door and exploits system vulnerabilities on the compromised computer. The worm also steals passwords and uses rootkit techniques.

JS.Speth.Worm
This malware was reported by: Symantec
JS.Speth.Worm is a Java Script file that copies itself throughout the C drive of the infected computer. It overwrites Autoexec.bat, as well as .vbs and .cmd files. The worm contains a mass-mailing routine and can also spread via mIRC, Pirch98, and vIRC.

QHosts-21
This malware was reported by: Network Associates Inc


StartPage-BK
This malware was reported by: Network Associates Inc


StartPage-FO
This malware was reported by: Network Associates Inc


Maslan.A
This malware was reported by: Panda Software
 Maslan.A is a worm that is very easy to identify, as it spreads in an email message with the following characteristics:Subject: 123.Message:Hello --Best regards,Attachments: PlayGirls2.exe. Maslan.A monitors the activit

Maslan.B
This malware was reported by: Panda Software
 Maslan.B is a worm that is very easy to identify, as it spreads in an email message with the following characteristics:Subject: 12345.Message:Hello --Best regards,Attachments: PlayGirls_2.exe. Maslan.B monitors the acti

W32/Bagle-AA
This malware was reported by: Sophos


W32/Rbot-RE
This malware was reported by: Sophos


W32/Bagle.bg@MM
This malware was reported by: Network Associates Inc


Downloader-TA.dll
This malware was reported by: Network Associates Inc


Cabir.Dropper
This malware was reported by: F-Secure


SymbOS/Cabir
This malware was reported by: Network Associates Inc


Troj/Agent-BF
This malware was reported by: Sophos


Troj/Brabot-A
This malware was reported by: Sophos


W32/Rbot-RF
This malware was reported by: Sophos


VBS.Junkmail@mm
This malware was reported by: Symantec
VBS.Junkmail@mm is a generic VBS mass-mailing worm, which copies itself to files on the C drive of the infected computer.

W32/Atak-F
This malware was reported by: Sophos


Troj/Banker-BG
This malware was reported by: Sophos


W32.Janx
This malware was reported by: Symantec
W32.Janx is a worm that attempts to exploit the Microsoft Windows LSASS Buffer Overrun Vulnerability (Microsoft Security Bulletin MS04-011). The worm spreads by randomly scanning IP addresses for vulnerable systems. The worm also connects to an IRC ser

W32/Sdbot-SB
This malware was reported by: Sophos


W32/Maslan-C
This malware was reported by: Sophos


W32/Rbot-RN
This malware was reported by: Sophos


W32/Rbot-RJ
This malware was reported by: Sophos


Hitnrun
This malware was reported by: Network Associates Inc


WORM_BAGZ.I
This malware was reported by: Trendmicro
This memory-resident worm arrives and propagates through email. It uses its built-in Simple Mail Tranfer Protocol engine, which allows it to send email without having to use other email applications like Outlook Express.

WORM_RBOT.AEF
This malware was reported by: Trendmicro


W32.Qeds@mm
This malware was reported by: Symantec
W32.Qeds@mm is a mass-mailing worm that sends a copy of itself as an attachment to the email addresses that it gathers from the files on an infected computer.

Backdoor.Ranky.N
This malware was reported by: Symantec
Backdoor.Ranky.N is a back door program that allows a compromised computer to be used as a covert proxy.

Trojan.Conycspa
This malware was reported by: Symantec
Trojan.Conycspa is a Trojan horse program that downloads and executes adware, dialers, and spamming Trojan horse programs from the Internet. SPAM distributes this Trojan.

HotWorld
This malware was reported by: Network Associates Inc


BackDoor-CJC
This malware was reported by: Network Associates Inc


W32/Atak-G
This malware was reported by: Sophos


W32/Anig-C
This malware was reported by: Sophos


Zafi.D
This malware was reported by: F-Secure
A new variant of Zafi worm - Zafi.D is spreading. While the original Zafi.A uses only Hungarian, the new Zafi.D spreads in email in English, Italian, Spanish, Russian, Swedish and several other languages. The worm sends itself in christmas wish messa

Cabir.E
This malware was reported by: F-Secure
Cabir.E is a minor variant of Cabir.B the only significant differences are that the Cabir.E displays different text on the start dialog when worm starts and that the Cabir.E spreads as Ni&Ai-.SIS instead of Cabir.SIS. Cabir.E displays text &qu

Janx.A
This malware was reported by: Panda Software
 Janx.A is a worm that spreads via the Internet by exploiting the LSASS vulnerability in remote computers. This vulnerability is critical for Windows XP/2000 operating systems that are not properly updated.Janx.A connects to the IRC server 203.167.78.35 a

W32/Zafi-D
This malware was reported by: Sophos


W32/Setclo-A
This malware was reported by: Sophos


W32/Zafi.d@MM
This malware was reported by: Network Associates Inc


Atak.F
This malware was reported by: Panda Software
 Atak.F is a worm without destructive effects that spreads via e-mail in a message with variable characteristics.

Zafi.D
This malware was reported by: Computer Associates
Win32.Zafi.D is a worm that spreads via e-mail and peer-to-peer file sharing. It has been distributed as a 11,745-byte, FSG-packed Windows executable, which

Zafi.D
This malware was reported by: Panda Software
 Zafi.D is a worm with backdoor characteristics, as it opens the port 8181 and waits for a file to be transferred through it. Zafi.D executes this file, which is usually other malware.Additionally, Zafi.D impedes access to applications that contain the te

W32/Sdbot-SG
This malware was reported by: Sophos


W32/Bagle-AA
This malware was reported by: Sophos


W32.Erkez.D@mm
This malware was reported by: Symantec


StartPage-FT
This malware was reported by: Network Associates Inc


WORM_ZAFI.D
This malware was reported by: Trendmicro
As of December 14, 2004 8:13 AM (PST), 11 days before Christmas, TrendLabs has declared a MEDIUM risk virus alert to control the spread of this mass-mailing worm. It has been found spreading in Germany, France, and Spain.

SymbOS/Cabir.e
This malware was reported by: Network Associates Inc


W32/Agobot-DAA
This malware was reported by: Sophos


VBS.Sorpe.A@mm
This malware was reported by: Symantec
VBS.Sorpe.A@mm is a mass-mailing worm that sends itself to email addresses gathered from files on the infected computer.

Backdoor.Subot
This malware was reported by: Symantec
Backdoor.Subot is a back door program that is loaded with a Serv-U FTP server and can be controlled through IRC channels by a remote attacker.

MS04-043_HYPERTERMINAL
This malware was reported by: Trendmicro
A remote code execution vulnerability exists in HyperTerminal because of a buffer overrun.

MS04-041_WORDPAD
This malware was reported by: Trendmicro
This security advisory explains the two discovered vulnerabilities in Microsoft Word for Windows 6.0 Converter, which is used by WordPad in converting Word 6.0 to WordPad file format.

W32/Forbot-CY
This malware was reported by: Sophos


W32/Bagle-Zip
This malware was reported by: Sophos


W32/Atak.i@MM
This malware was reported by: Network Associates Inc
-- Update December 16, 2004 -- The risk assessment of this threat has been updated to Low-Profiled due to media attention at: http://news.zdnet.co.uk/internet/security/0,39020375,39181365,00.htm -- The worm bears the following ch

MS04-045_WINS
This malware was reported by: Trendmicro
This security advisory explains two discovered vulnerabilities in the Windows Internet Naming Service (WINS) component of the affected platforms. An attacker who successfully exploits any of the two vulnerabilities may take complete control of the affecte

Atak.G
This malware was reported by: Panda Software
 Atak.G is a worm without destructive effects that spreads via e-mail in a message with variable characteristics.

Damrai.A
This malware was reported by: F-Secure
We have renamed Damrai.A to LdPinch.ht as the trojan also has password stealing capabilities. LdPinch.ht is a password stealing trojan with backdoor and proxy capabilities that was found on December 15th, 2004. It was spammed widely in Germany in a m

Trojan.PSW.LdPinch.ht
This malware was reported by: F-Secure
We have renamed Damrai.A to LdPinch.ht as the trojan also has password stealing capabilities. LdPinch.ht is a password stealing trojan with backdoor and proxy capabilities that was found on December 15th, 2004. It was spammed widely in Germany in a m

Atak.H
This malware was reported by: Panda Software
 Atak.H is a worm without destructive effects that spreads via e-mail in messages with variable characteristics that pass themselves off as Christmas greetings.

Email-Worm.Win32.Atak.h
This malware was reported by: F-Secure
A new variant of the Atak worm was found on 15th of December 2004. The worm spreads in emails that have a subject "Merry X-Mas!" or "Happy New Year!".

W32/Protoride-Z
This malware was reported by: Sophos


Troj/Brabot-A
This malware was reported by: Sophos


StartPage-EH.dr
This malware was reported by: Network Associates Inc


Atak.I
This malware was reported by: Panda Software
 Atak.I is a worm without destructive effects that spreads via e-mail in messages with variable characteristics that pass themselves off as Christmas greetings.


Anti virus links

Anti-virus programs
Virus history
Top-100 malware
Svenska
Antivirus programs


Sitemap


Anti virus and malware

  Anti virus