Banker.M
This malware was reported by: Computer Associates
W32/Poebot-H
This malware was reported by: Sophos
Troj/PurScan-V
This malware was reported by: Sophos
W32/MyDoom-AS
This malware was reported by: Sophos
W32/Codbot-C
This malware was reported by: Sophos
W32/Poebot-A
This malware was reported by: Sophos
W32/Assiral-A
This malware was reported by: Sophos
Troj/Lineage-D
This malware was reported by: Sophos
W32/Mydoom.bc@MM
This malware was reported by: Network Associates Inc
This variant W32/Mydoom is similar to previous variants, it bears the following characteristics:
mass-mailing worm constructing messages using its own SMTP engine
harvests email addresses from the victim machine
spoofs the From: address
W32/MyDoom-BC
This malware was reported by: Sophos
W32/Mydoom.bd@MM
This malware was reported by: Network Associates Inc
This variant W32/Mydoom is similar to previous variants, it bears the following characteristics:
mass-mailing worm constructing messages using its own SMTP engine
harvests email addresses from the victim machine
spoofs the From: address
W32/Bropia.worm.p
This malware was reported by: Network Associates Inc
MyDoom.BD
This malware was reported by: F-Secure
MyDoom.BD appeared on February 18th, 2005. It is a minor variant of
MyDoom.BB. MyDoom.BD adds a few new sites from which the worm attempts
to download the additional Backdoor (Backdoor.Win32.Surila.o).
For details, see description of Mydoom.BB
http:/
MyDoom.BC
This malware was reported by: F-Secure
MyDoom.BC appeared on February 18th, 2005. It is a minor variant of
MyDoom.BB. MyDoom.BC adds a few new sites from which the worm attempts
to download the additional Backdoor (Backdoor.Win32.Surila.o).
For details, see description of Mydoom.BB
http:/
W32/Derdero.a@MM
This malware was reported by: Network Associates Inc
Top of Page
W32.Kipis.L@mm
This malware was reported by: Symantec
W32.Kipis.L@mm is a mass-mailing worm that lowers security settings, opens a back door on the compromised computer and exploits the Microsoft Internet Explorer ITS Protocol Zone Bypass Vulnerability (BID 9658).
W32.Mydoom.AZ@mm
This malware was reported by: Symantec
Mydoom.AX
This malware was reported by: Computer Associates
Win32.Mydoom.AX is a worm that spreads via e-mail; it has been distributed as a 26,011-byte, MEW-packed, Win32 executable.
Mydoom.AY
This malware was reported by: Computer Associates
Win32.Mydoom.AY is a worm that spreads via e-mail; it has been distributed as a 26,013-byte, MEW-packed, Win32 executable.
W32.Derdero.B@mm
This malware was reported by: Symantec
W32.Derdero.B@mm is a mass-mailing worm that uses its own SMTP engine to send an email to addresses that it gathers from the Windows Address Book. It also attempts to spread through file-sharing programs and infects all .exe files on the C drive.
W32/Sdbot-VH
This malware was reported by: Sophos
W32.Derdero.C@mm
This malware was reported by: Symantec
W32.Mydoom.BA@mm
This malware was reported by: Symantec
W32/Mydoom.be@MM
This malware was reported by: Network Associates Inc
-- Update 21st Feb 2005 --
Due to increased prevalence, the risk assessment of this threat has been raised to MEDIUM. The specified DAT files will be released early to address this threat.
If you think that you may be infected with W32/
W32/Rbot-WF
This malware was reported by: Sophos
W32/MyDoom-O
This malware was reported by: Sophos
Mydoom.AZ
This malware was reported by: Computer Associates
Win32.Mydoom.AZ is a worm that spreads via e-mail; it has been distributed as a 26,010-byte, MEW-packed, Win32 executable.
W32.Jumpred.A
This malware was reported by: Symantec
W32.Jumpred.A is a worm that spreads through IRC channels using the MIRC client. The worm also copies itself to the A drive and attempts to copy itself to file-sharing networks.
Downloader.Reitrec
This malware was reported by: Symantec
Downloader.Reitrec is a Trojan horse program that downloads other threats.
Sober.K
This malware was reported by: F-Secure
Sober.K worm was seeded in e-mails on 21st of February 2005. It
is quite similar to the previous variants. Sober.K sends itself
as an attachment in e-mail messages with English or German texts.
Sober.K
This malware was reported by: Computer Associates
Win32.Sober.K is a worm that spreads via e-mail, attached to messages that can be either in English or German. The worm has been distributed as a 51,918-byt
W32/Sober-K
This malware was reported by: Sophos
W32.Sober.K@mm
This malware was reported by: Symantec
W32.Sober.K@mm is a mass-mailing worm that uses its own SMTP engine to send itself to email addresses gathered from a compromised computer. The email will be in either English or German.
Bropia.J
This malware was reported by: Computer Associates
Win32.Bropia.J is a worm that spreads via MSN Messenger. It may also be able to spread using Windows Messenger. It drops a variant of the Rbot worm family,
Bropia.I
This malware was reported by: Computer Associates
Win32.Bropia.I is a worm that spreads via MSN Messenger. It may also be able to spread using Windows Messenger. It drops a variant of the Rbot worm family,
W32/Derdero-A
This malware was reported by: Sophos
W32/Rbot-WB
This malware was reported by: Sophos
W32/Sober.l@MM
This malware was reported by: Network Associates Inc
Sober.M
This malware was reported by: Panda Software
Sober.M is a worm that spreads via e-mail, in a message written in English or German.The e-mail message will be written in German only if the mail domain extension is one of the following: de (Germany), ch (Switzerland), at (Austria) or li (Liechtenstein
MyDoom.BE
This malware was reported by: F-Secure
MyDoom.BE appeared on February 20th, 2005. It is a minor variant of
MyDoom.BB. MyDoom.BE adds a few new sites from which the worm attempts
to download the additional Backdoor (Backdoor.Win32.Surila.o).
For details, see description of Mydoom.BB
http:/
W32/Forbot-EG
This malware was reported by: Sophos
W32/Kipis-I
This malware was reported by: Sophos
Mydoom.BA
This malware was reported by: Computer Associates
Win32.Mydoom.BA is a worm that spreads via e-mail; it has been distributed as a variable length, Win32 executable.
Mydoom.BB
This malware was reported by: Computer Associates
Win32.Mydoom.BB is a worm that spreads via e-mail; it has been distributed as a variable length, Win32 executable.
Mydoom.BC
This malware was reported by: Computer Associates
Win32.Mydoom.BC is a worm that spreads via e-mail; it has been distributed as a variable length, Win32 executable.
Bropia.P
This malware was reported by: Computer Associates
Win32.Bropia.P is a worm that spreads via MSN Messenger. It may also be able to spread using Windows Messenger. It drops a variant of the ForBot worm family
Bropia.Q
This malware was reported by: Computer Associates
Win32.Bropia.Q is a worm that spreads via MSN Messenger. It may also be able to spread using Windows Messenger. It drops a variant of the Rbot worm family,
W32/MyDoom-BE
This malware was reported by: Sophos
W32/Poebot-H
This malware was reported by: Sophos
Bropia.R
This malware was reported by: Computer Associates
W32.Bropia.P
This malware was reported by: Symantec
Trojan.Chimo.A
This malware was reported by: Symantec
Trojan.Chimo.A is a Trojan horse that allows a compromised computer to be used as an email relay. The Trojan may also attempt to connect to a predetermined Web site.
Backdoor.Berbew.Q
This malware was reported by: Symantec
Backdoor.Berbew.Q is a Trojan horse program that steals passwords from a compromised computer. The Trojan also opens a back door and allows a remote attacker to have unauthorized access to the compromised computer.
W32.Dumaru.Y@mm!enc
This malware was reported by: Symantec
W32.Dumaru.Y@mm!enc is an .enc detection for MIME-encoded files that contain the W32.Dumaru.Y@mm worm.
W32.Mydoom.BB@mm
This malware was reported by: Symantec
W32.Mydoom.BB@mm is a mass-mailing worm that uses it own SMTP engine to send email to addresses that it gathers from the Windows Address Book on a compromised computer. This worm is a minor variant of W32.Mydoom.BA@mm.
Rbot.BTK
This malware was reported by: Computer Associates
MyDoom.BF
This malware was reported by: F-Secure
MyDoom.BF appeared on February 20th, 2005. It is a minor variant of
MyDoom.BB. MyDoom.BF uses a different site from which the worm attempts
to download the additional Backdoor (Backdoor.Win32.Surila.o). This
variant is not packed with executable compr
Bropia.J
This malware was reported by: F-Secure
Bropia.J is a minor variant of Bropia.G worm. Like the previous variants,
it uses MSN messenger for spreading. It also drops a variant of Rbot
on the infected system.
W32/Mydoom.bf@MM
This malware was reported by: Network Associates Inc
This variant W32/Mydoom is similar to previous variants, it bears the following characteristics:
mass-mailing worm constructing messages using its own SMTP engine
harvests email addresses from the victim machine
spoofs the From: address
W32/Bropia-P
This malware was reported by: Sophos
W32/MyDoom-AS
This malware was reported by: Sophos
W32/Bropia.worm.q
This malware was reported by: Network Associates Inc
W32.Bropia.Q
This malware was reported by: Symantec
W32.Bropia.Q is a worm that propagates using MSN Messenger.
Trojan.Goldun.C
This malware was reported by: Symantec
Trojan.Goldun.C is a Trojan horse program that attempts to log keystrokes and steal account information entered into forms on the www.e-gold.com domain.
W32/Sdbot-VL
This malware was reported by: Sophos
W32/Assiral-A
This malware was reported by: Sophos
Trojan.Anicmoo.B
This malware was reported by: Symantec
Trojan.Anicmoo.B is a downloader Trojan that exploits the Windows User32.DLL ANI File Header Handling Stack-Based Buffer Overflow Vulnerability (as described in the Microsoft Security Bulletin MS05-002). The Trojan exists as a malformed animated cursor
Uhanfo
This malware was reported by: Network Associates Inc
Univ.ow/a
This malware was reported by: Network Associates Inc
This is a generic detection for several hundred DOS viruses.
These DOS viruses share one key feature in common - the files that they "infect" are in fact overwritten by the virus completely, leaving nothing of the original files to be recov
W32/Domwis-G
This malware was reported by: Sophos
W32.Bropia.R
This malware was reported by: Symantec
W32.Bropia.R is a worm that spreads via MSN Messenger and drops a variant of W32.Spybot.Worm.
W32.Deadcode.A
This malware was reported by: Symantec
W32.Deadcode.A is a polymorphic virus that infects executable files, which will display "Long Live Great SERBIA" in a message box.
Assiral.A
This malware was reported by: Computer Associates
Win32.Assiral.A is a mass-mailing worm that uses Microsoft Outlook to spread. The worm has been distributed as 43,520-byte ASPack compressed Win32 PE file.
Trojan.Dremn
This malware was reported by: Symantec
Trojan.Dremn is a Trojan horse program that attempts to log keystrokes and steal information. The Trojan may arrive on a compromised computer as a Microsoft Word document with a password protected macro.
Download.Sumina
This malware was reported by: Symantec
Download.Sumina is a Trojan horse program that downloads malicious files from a predefined Web site and injects malicious code into clean processes.
Assiral.A
This malware was reported by: F-Secure
Assiral.A is a simple mass mailing worm that also tries to kill the
Bropia worm.
W32.Assiral@mm
This malware was reported by: Symantec
W32.Assiral@mm is a mass-mailing worm that sends a copy of itself to email addresses gathered from a compromised computer.
Assiral.A
This malware was reported by: Panda Software
Assiral.A is a worm that modifies the settings of the affected computer: it prevents users from accessing the Windows Registry Editor, the Run option in the Start menu and the command line. It also prevents drives from being listed in the Windows Explore
W32/Bropia-Q
This malware was reported by: Sophos
W32/Rbot-WF
This malware was reported by: Sophos
W32/Sdranck-A
This malware was reported by: Sophos
W32/MyDoom-BC
This malware was reported by: Sophos
W32.Ahker.E@mm
This malware was reported by: Symantec
W32.Ahker.E@mm is a mass-mailing worm that uses MAPI to send a copy of itself to email addresses gathered from the compromised computer. The worm lowers security settings, prevents access to several Web sites, and blocks access to several programs.
W32/Bropia-R
This malware was reported by: Sophos
W32/Sober-K
This malware was reported by: Sophos
Bropia.L
This malware was reported by: Computer Associates
Win32.Bropia.L is a worm that spreads via MSN Messenger. It may also be able to spread using Windows Messenger.
W32/MyDoom-BD
This malware was reported by: Sophos
W32/Derdero-A
This malware was reported by: Sophos
W32.Stang
This malware was reported by: Symantec
W32.Stang is a worm that spreads via Microsoft MSN Messenger and attempts to end processes and lower security settings. The worm also disables the Task Manager and Registry Editor.
W32/Codbot-Gen
This malware was reported by: Sophos
W32/Forbot-EG
This malware was reported by: Sophos
W32/Agobot-QE
This malware was reported by: Sophos
W32/MyDoom-BE
This malware was reported by: Sophos
Stang.A
This malware was reported by: Panda Software
Stang.A is a worm that ends the processes LSASS.EXE and SVCHOST.EXE, which belong to the Windows operating system.The process LSASS.EXE deals with local security and login policies and if it is ended, a countdown message is displayed, and the computer is
Troj/Dloader-IE
This malware was reported by: Sophos
W32/Bropia-P
This malware was reported by: Sophos
W32.Derdero.E@mm
This malware was reported by: Symantec
W32.Derdero.E@mm is a mass-mailing worm that uses it own SMTP engine to send an email to addresses gathered from a compromised computer. The worm lowers security settings and attempts to spread through file-sharing programs.
W32.Looked.C
This malware was reported by: Symantec
W32.Looked.C is a worm that downloads a remote file and infects .exe files. The worm lowers security settings and spreads through network shares protected by weak passwords.
Aimdes.B
This malware was reported by: Computer Associates
Win32.Aimdes.B is a worm that spreads through the AOL Instant Messenger network. It has been distributed as a 40,960-byteWin32 executable.
Aimdes.C
This malware was reported by: Computer Associates
Win32.Aimdes.C is a worm that spreads through the AOL Instant Messenger network. It has been distributed as a 40,960-byteWin32 executable.