SymbOS/Cabir.c
This malware was reported by: Network Associates Inc
This is another variant of the Cabir family. Compared to the b variant, the only difference is that this variant displays a different message when it starts and spreads as MYTITI.SIS
.
This malware is distributed as a Symbian Installation
SymbOS/Cabir.d
This malware was reported by: Network Associates Inc
This is another variant of the Cabir family. Compared to the b variant, the only difference is that this variant displays a different message when it starts and spreads as [YUAN].SIS
.
This malware is distributed as a Symbian Installation
Blad
This malware was reported by: Network Associates Inc
Backdoor.Masteseq
This malware was reported by: Symantec
Backdoor.Masteseq is a back door Trojan horse, which allows a remote attacker to have unauthorized access to the infected computer. Backdoor.Masteseq is packed with UPX.
MS Vulnerability MS04-045
This malware was reported by: Network Associates Inc
MS Vulnerability MS04-044
This malware was reported by: Network Associates Inc
MS Vulnerability MS04-043
This malware was reported by: Network Associates Inc
MS Vulnerability MS04-042
This malware was reported by: Network Associates Inc
MS Vulnerability MS04-041
This malware was reported by: Network Associates Inc
W32.Atak.F@mm
This malware was reported by: Symantec
W32.Atak.F@mm is a mass-mailing worm that sends itself to addresses collected from the infected computer. The email has a variable subject and attachment name. The attachment will have a .zip file extension.
W97M.Ginena
This malware was reported by: Symantec
W97M.Ginena is a macro virus that infects the Microsoft Word Normal.dot template and is triggered when a Word document is opened, closed, or saved. It also lowers the Microsoft Word macro security settings.
VBS.Feadfe@mm
This malware was reported by: Symantec
VBS.Feadfe@mm is a mass-mailing worm that sends itself to email addresses it finds in the Microsoft Outlook Address Book.
VBS.Sorpe.B@mm
This malware was reported by: Symantec
VBS.Sorpe.B@mm is a mass-mailing worm that sends itself to the email addresses gathered from the files on an infected computer. The worm also disables various system utilities including the Registry Editor and Microsoft Notepad.
W32/Atak-I
This malware was reported by: Sophos
W32/Atak-F
This malware was reported by: Sophos
Muquest.A
This malware was reported by: Computer Associates
Win32.Muquest.A is a 26,112-byte trojan that opens a multi-protocol proxy server on an affected machine.
Plimp.A
This malware was reported by: Computer Associates
Win32.Plimp.A is a 23,552-byte UPX-packed backdoor trojan that is capable of receiving commands via IRC.
W32/Rbot-RR
This malware was reported by: Sophos
W32/Sdbot-SB
This malware was reported by: Sophos
Downloader-TA
This malware was reported by: Network Associates Inc
W32/Rbot-RN
This malware was reported by: Sophos
W32.Envid.B@mm
This malware was reported by: Symantec
W32/Forbot-DA
This malware was reported by: Sophos
W32/Atak-G
This malware was reported by: Sophos
MS04-044_KERNEL_AND_LSASS
This malware was reported by: Trendmicro
This security update addresses and resolves two windows vulnerabilites, both of which may enable the current user to take control of the affected system.
MS04-042_DHCP
This malware was reported by: Trendmicro
This security advisory presents the discovered vulnerabilities in the DHCP Server service component of affected platforms. An attacker who successfully exploits the most severe of these vulnerabilities could take complete control of the affected system. H
QLowZones-8
This malware was reported by: Network Associates Inc
W32/Forbot-EQ
This malware was reported by: Sophos
W32/Zafi-D
This malware was reported by: Sophos
WORM_RBOT.GEN
This malware was reported by: Trendmicro
RemAdm-ARPC
This malware was reported by: Network Associates Inc
RemAdm-InCtrl
This malware was reported by: Network Associates Inc
RemAdm-Incredisoft
This malware was reported by: Network Associates Inc
RemAdm-BERS
This malware was reported by: Network Associates Inc
W32/Delf-JB
This malware was reported by: Sophos
W32/Sdbot-SG
This malware was reported by: Sophos
W32/Atak.j@MM
This malware was reported by: Network Associates Inc
This worm bears the following characteristics:
harvests email addresses from the victim machine
spoofs the From: address
constructs messages using its own SMTP engine
Top of Page
VBS/Sorpe@MM
This malware was reported by: Network Associates Inc
Proactive detection
McAfee products running 4150 DAT files (or later) using heuristic scanning will detect this as virus or variant New Script
.
This virus contains the following characteristics:
Spoofs the From:
address on ema
W32/Wort-D
This malware was reported by: Sophos
W32/Agobot-DAA
This malware was reported by: Sophos
W32.Mugly.C@mm
This malware was reported by: Symantec
W32.Mugly.C@mm is a worm that uses its own SMTP engine to spread by sending itself as an email attachment to addresses gathered from the compromised computer. The worm also drops and runs a W32.Spybot.Worm variant.
W32.Atak.G@mm
This malware was reported by: Symantec
W32.Atak.G@mm is a mass-mailing worm that uses its own SMTP engine to send itself as an attachment to the email addresses that it gathers from the files on the compromised computer.
X97M.Frost
This malware was reported by: Symantec
X97M.Frost is a macro virus that infects Excel files and makes their contents invisible. The virus may also delete local files.
W32.Conycspa@mm
This malware was reported by: Symantec
W32.Conycspa@mm is a mass-mailer that downloads and executes adware, dialers, and mass mailers from the Internet.
W32.Looked
This malware was reported by: Symantec
W32.Looked is a worm that propagates through shared folders, downloads a file, and infects .exe files.
Backdoor.Tabdim
This malware was reported by: Symantec
Backdoor.Tabdim is a Trojan horse program that opens a backdoor and allows a remote attacker to control the infected computer.
W32/Rbot-RW
This malware was reported by: Sophos
W32/Forbot-CY
This malware was reported by: Sophos
W32.Pulkfer
This malware was reported by: Symantec
W32.Pulkfer is a virus that infects any executable files it finds in the folder it is executed from.
W32.Netdepix
This malware was reported by: Symantec
Trojan.Netdepix is a Trojan horse program that attempts to exploit the Microsoft Windows LSASS Buffer Overrun Vulnerability (Microsoft Security Bulletin MS04-011) on randomly selected computers causing it to download and execute a remote file.
Not
W97M.Grurev
This malware was reported by: Symantec
W97M.Grurev is a simple Macro virus that infects the Microsoft Word Normal.dot template.
W32/Oddbob-A
This malware was reported by: Sophos
W32/Protoride-Z
This malware was reported by: Sophos
Holax.A
This malware was reported by: Computer Associates
Kol.F
This malware was reported by: Computer Associates
Win32.Kol.F is a keylogging trojan with backdoor functionality.
W32/Sdbot-SI
This malware was reported by: Sophos
W32/Atak-I
This malware was reported by: Sophos
W32.PEQ@mm
This malware was reported by: Symantec
W32.PEQ@mm is a generic Visual Basic worm that spreads by sending a copy of itself to email addresses gathered from the Microsoft Outlook Address Book.
Trojan.Netdepix
This malware was reported by: Symantec
Trojan.Netdepix is a Trojan horse program that attempts to exploit the Microsoft Windows LSASS Buffer Overrun Vulnerability (Microsoft Security Bulletin MS04-011) on randomly selected computers causing it to download and execute a remote file.
Not
W32/Rbot-RY
This malware was reported by: Sophos
W32/Rbot-RR
This malware was reported by: Sophos
BackDoor-CLS
This malware was reported by: Network Associates Inc
Backdoor.Lateda
This malware was reported by: Symantec
Backdoor.Lateda is a backdoor Trojan horse program that allows an attacker to download and run files on the infected machine. It also receives commands from an attacker through IRC.
WORM_MUGLY.C
This malware was reported by: Trendmicro
This worm arrives and propagates via email. It uses its own Simple Mail Transfer Protocol (SMTP), which enables it to send email messages without using other email applications, such as Microsoft Outlook.
Kol.G
This malware was reported by: Computer Associates
Win32.Kol.G is a keylogging trojan with backdoor functionality.
W32/Rbot-SB
This malware was reported by: Sophos
W97M.Banedi
This malware was reported by: Symantec
W97M.Banedi is a macro virus that infects the Microsoft Word Normal.dot template and is triggered when a Word document is opened or closed. It also lowers the Microsoft Word macro security settings.
Linux/BackDoor-Pulamea
This malware was reported by: Network Associates Inc
Linux/Portscan
This malware was reported by: Network Associates Inc
Troj/Bancban-AN
This malware was reported by: Sophos
W32/Forbot-DA
This malware was reported by: Sophos
Linux/Dolit
This malware was reported by: Network Associates Inc
Keylog-MapName
This malware was reported by: Network Associates Inc
W32/Mugly.c@MM
This malware was reported by: Network Associates Inc
This email worm is written in Visual Basic and bears the following characteristics:
contains its own SMTP engine for constructing messages
harvests email addresses from files on the victim machine
spoofs the From: address
overwrites t
BackDoor-CKP
This malware was reported by: Network Associates Inc
PHP/Chaploit
This malware was reported by: Network Associates Inc
W32/HLLP.Philis.g
This malware was reported by: Network Associates Inc
W32/HLLP.Philis.g is a file infecting virus.
It searches for 32 bit PE .exe
files and prepends its viral code to target files. It adds 59904 bytes infront of the original file so whenever that file is being called the virus code is initi
PWS-Nanatubi
This malware was reported by: Network Associates Inc
Santy
This malware was reported by: F-Secure
Santy is a worm was found at December 21st, 2004. It uses a vulnerability in
popular phpBB discussion forum software to spread and it uses Google search
engine to find vulnerable servers. It does not infect end user computers.
Google has started fil
Skulls.C
This malware was reported by: F-Secure
Cabir.F
This malware was reported by: F-Secure
Cabir.F is a minor variant of Cabir.B the only significant
differences are that the Cabir.F displays different text on the
start dialog when worm starts and that the Cabir.F spreads as Tee222.SIS
instead of Cabir.SIS.
Cabir.F displays text "Tee
MGDropper
This malware was reported by: F-Secure
Cabir.G
This malware was reported by: F-Secure
Cabir.G is a minor variant of Cabir.B the only significant
difference is that Cabir.G Spreads in SEXXXY.SIS while Cabir.B
uses Caribe.sis
For more details, see description of Cabir.A
http://www.f-secure.com/v-descs/cabir.shtml
WORM_SANTY.A
This malware was reported by: Trendmicro
Initial analysis of samples of this worm indicates it spreads on Web servers running the popular phpBB application. Individual end-user systems appear to be unaffected as of this time.
Perl.Santy
This malware was reported by: Symantec
PHP/Santy.worm
This malware was reported by: Network Associates Inc
-- Update December 21, 2004 --
This threat was updated to Low-Profiled due to media attention at the following link:
http://news.com.com/Net%2Bworm%2Busing%2BGoogle%2Bto%2Bspread/2100%2D7349_3%2D5499725.html
This virus spreads on web
Santy
This malware was reported by: Computer Associates
Perl.Santy.A is a worm that spreads via web servers running vulnerable versions of phpBB 2.x prior to 2.0.11.
Perl/Santy-A
This malware was reported by: Sophos
W32/Forbot-EQ
This malware was reported by: Sophos
PERL/Santy.worm
This malware was reported by: Network Associates Inc
-- Update December 21, 2004 --
This threat was updated to Low-Profiled due to media attention at the following link:
http://news.com.com/Net%2Bworm%2Busing%2BGoogle%2Bto%2Bspread/2100%2D7349_3%2D5499725.html
This virus spreads on web
Santy.A
This malware was reported by: Panda Software
Santy.A is a worm that affects servers running a version of the application phpBB prior to 2.0.11. phpBB is an open source program used to easily create bulletin boards, forums and newsgroups. It uses a vulnerability in one of the files belonging to phpB
Santy.A
This malware was reported by: Computer Associates
Perl.Santy.A is a worm that spreads via web servers running vulnerable versions of phpBB 2.x prior to 2.0.11.
Prutec.D
This malware was reported by: Computer Associates
Win32.Prutec.D is a trojan that downloads and installs various potentially unwanted applications. It has been distributed as a 49,152-byte, UPX-packed execu
Blackmal.B
This malware was reported by: Computer Associates
Win32.BlackMal.B is a worm that attempts to spread via email. It has been distributed as a 79,409 byte, UPX packed executable.
Reign.AK
This malware was reported by: Computer Associates
Win32.Reign.AK is a keylogging trojan that opens a SOCKS proxy on the affected machine.
W32.Randex.CCF
This malware was reported by: Symantec
W32.Randex.CCF is a network-aware worm that opens a back door on an infected computer and may be remotely controlled via IRC channels.
Reckmess.B
This malware was reported by: Computer Associates
Win32.Reckmess.B is a backdoor trojan. It is distributed as a 46,305-byte, PECOMPACT-packed Win32 executable.
Glieder.K
This malware was reported by: Computer Associates
Win32.Glieder.K is a backdoor trojan which attempts to disable the Windows Firewall and Security Center on Windows 2000 and XP machines, then proceeds to do
Glieder.L
This malware was reported by: Computer Associates
Win32.Glieder.L is a backdoor trojan which attempts to disable the Windows Firewall and Security Center on Windows 2000 and XP machines, then proceeds to do
Atak.K
This malware was reported by: Computer Associates
Win32.Atak.K is a worm which sends emails made up of numerous various strings using its own SMTP server.