W32/Tibick-C
This malware was reported by: Sophos
Troj/Goldun-O
This malware was reported by: Sophos
Skulls.E
This malware was reported by: F-Secure
Skulls.E is a new variant of Skulls SIS file trojan.
Is drops slightly modified Cabir.F on to the device, and
disables built in applications.
The Skulls.E is still under analysis, further details
will be published in near future.
SymbOS/Commwarrior.b!sys
This malware was reported by: Network Associates Inc
This threat is a malicious .SIS
file targeting Nokia series 60 based devices. The virus masquerades as a variety of benign applications, including games, porn, and cross platform emulators. See “Table 1
- SIS Message Text” for a more com
W32/Bropia-G
This malware was reported by: Sophos
W32/Forbot-EP
This malware was reported by: Sophos
SymbOS.Dampig.A
This malware was reported by: Symantec
SymbOS.Dampig.A is a Symbian Trojan horse that disables applications and installs several variants of SymbOS.Cabir worm on Symbian series 60 devices.
It has been reported that the Trojan disguises itself as a copy of the application Full Screen Caller
Acanze
This malware was reported by: F-Secure
Acanze.A is simple email worm of Italian origin written in Visual Basic.
Due to the coding techiques used, the worm will only work properly
under Italian Windows versions.
PWSteal.Botuk
This malware was reported by: Symantec
PWSteal.Botuk is a password stealing Trojan horse program that steals information entered into forms on certain financial Web sites.
SymbOS.Commwarrior.B
This malware was reported by: Symantec
SymbOS.Commwarrior.B is a worm that replicates on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones. It attempts to spread using Multimedia Messaging Service (MMS) and Bluetooth as a randomly named .sis file.
W32/Radbot-A
This malware was reported by: Sophos
W32/Rbot-WX
This malware was reported by: Sophos
Bropia.T
This malware was reported by: Computer Associates
Description Win32.Bropia.T is a worm that spreads via MSN Messenger. It may also spread using Windows Messenger. It has been distributed as a self extracting RAR.
Backdoor.Solufina
This malware was reported by: Symantec
Backdoor.Solufina is a Trojan horse program that acts as a proxy server. It has the ability to allow unauthorized remote access to a compromised computer.
Backdoor.Zins.B
This malware was reported by: Symantec
Backdoor.Zins.B is a back door Trojan horse program with keylogging functions that steals Internet banking details from certain Internet Banking Web sites.
W32/Rbot-XE
This malware was reported by: Sophos
W32/Kelvir-B
This malware was reported by: Sophos
W32/Domwis-H
This malware was reported by: Sophos
W32/Forbot-ER
This malware was reported by: Sophos
W32.Myfip.T
This malware was reported by: Symantec
W32.Myfip.T is a network-aware worm that steals files from a compromised computer.
BackDoor-AVW
This malware was reported by: Network Associates Inc
W32/Agobot-QT
This malware was reported by: Sophos
W32/Kelvir-C
This malware was reported by: Sophos
Backdoor.Ranky.T
This malware was reported by: Symantec
Backdoor.Ranky.T is a Trojan horse program that allows a compromised computer to be used as a covert proxy.
Trojan.Lodmedud
This malware was reported by: Symantec
Trojan.Lodmedud is a Trojan horse program that downloads and executes files from the Internet. It also drops Trojan.Slanret that allows other applications to gain system level privileges on the compromised computer.
Note: Virus definitions dated prior
W32/Sdbot.gen@MM
This malware was reported by: Network Associates Inc
Due to the large volume of members of this virus family, the size of extra.dats required to detect these is very large. AVERT have therefore split the detection into multiple drivers although the behavior of all members is broadly similar.
W32/Sdbot.gen.r
This malware was reported by: Network Associates Inc
Due to the large volume of members of this virus family, the size of extra.dats required to detect these is very large. AVERT have therefore split the detection into multiple drivers although the behavior of all members is broadly similar.
PWS-Banker.l
This malware was reported by: Network Associates Inc
W32/Rbot-XI
This malware was reported by: Sophos
W32/Sumom-A
This malware was reported by: Sophos
Backdoor.Staprew
This malware was reported by: Symantec
Backdoor.Staprew is a back door Trojan horse that allows a remote attacker to have unauthorized access to the compromised computer.
W32.Kelvir.E
This malware was reported by: Symantec
W32.Kelvir.E is a worm that drops a variant of W32.Spybot.Worm and spreads through MSN Messenger and by exploiting vulnerabilities.
HTool/dialhk2
This malware was reported by: Network Associates Inc
W32/Sumom-B
This malware was reported by: Sophos
W32/Sober-L
This malware was reported by: Sophos
W32/Radebot.worm
This malware was reported by: Network Associates Inc
W32.Toxbot
This malware was reported by: Symantec
W32.Toxbot is a worm that opens an IRC back door on the compromised computer and spreads by exploiting vulnerabilities.
Trojan.Tabela.B
This malware was reported by: Symantec
Trojan.Tabela.B is a Trojan horse program that steals email addresses from a compromised computer. The Trojan sends the stolen email addresses via HTTP to the eaglehousing.com domain.
Backdoor.Haiyangweng
This malware was reported by: Symantec
Backdoor.Haiyangweng is a back door Trojan horse that allows a remote attacker to control a compromised computer. The Trojan runs as an Active Server Page server-side script on computers running a Web server that supports ASP processing. The Trojan displ
Downloader-VJ
This malware was reported by: Network Associates Inc
StartPage Trojan
This malware was reported by: F-Secure
W32/Kelvir-D
This malware was reported by: Sophos
W32.Toxbot.B
This malware was reported by: Symantec
W32.Toxbot.B is a worm that opens an IRC back door on the compromised computer and spreads by exploiting vulnerabilities.
W32/Agobot-QU
This malware was reported by: Sophos
W32/Tibick-C
This malware was reported by: Sophos
WareOut
This malware was reported by: Network Associates Inc
Downloader-OV
This malware was reported by: Network Associates Inc
Downloader-VG
This malware was reported by: Network Associates Inc
Trojan.Flush.B
This malware was reported by: Symantec
Trojan.Flush.B is a Trojan horse program that modifies DNS settings on the compromised computer.
W32/Rbot-XM
This malware was reported by: Sophos
W32/Bropia-G
This malware was reported by: Sophos
Ruzes.A
This malware was reported by: Panda Software
Ruzes.A is a Trojan that collects e-mail addresses on the affected computer and sends them to an IP address.Ruzes.A is downloaded from an IP address by another Trojan detected as Downloader.BBN.
Trojan.Adwarehelper
This malware was reported by: Symantec
Trojan.Adwarehelper is a Trojan horse program that is used by other threats. The Trojan edits the registry to enable other malware to open Internet Explorer in a pop-up window.
Note: Virus definitions dated prior to March 11, 2005 detect this threat as
PWCrack-NTCrack
This malware was reported by: Network Associates Inc
W32/Elitper-C
This malware was reported by: Sophos
W32/Radbot-A
This malware was reported by: Sophos
W32/Sdbot.worm!48548
This malware was reported by: Network Associates Inc
This is a variant of
W32/Sdbot.worm
which bears strong resemblance to the many other members of this rapidly growing family.
It is detected as W32/Sdbot.worm.gen.y
with the specified engine and DATs, and bears the look for vulnerab
W32/Kelvir.worm.gen
This malware was reported by: Network Associates Inc
This is a generic detection covering certain W32/Kelvir.worm variants (such as W32/Kelvir.worm.f
).
The Kelvir worm family spreads via MSN Messenger and typically installs the W32/Sdbot.worm.
Top of Page
W32/Sdbot-VW
This malware was reported by: Sophos
W32/Rbot-XE
This malware was reported by: Sophos
W32.Kelvir.F
This malware was reported by: Symantec
W32.Kelvir.F is a worm that spreads through MSN Messenger and drops a variant of W32.Spybot.Worm.
W32.Zori.A
This malware was reported by: Symantec
W32.Zori.A is an EXE infecting virus written in the Delphi programming language.
Trojan.StartPage.K
This malware was reported by: Symantec
Trojan.StartPage.K is a Trojan horse that modifies the Internet Explorer start page settings and displays unsolicited advertisements.
W32.Elitper.B@mm
This malware was reported by: Symantec
W32.Elitper.B@mm is a worm that spreads through file-sharing networks and lowers Windows security settings. The worm is written in Microsoft Visual Basic.
Trojan.Kaemon
This malware was reported by: Symantec
Trojan.Kaemon is a Trojan horse program that logs keystrokes and sends the stolen information to a predetermined email addresses.
W32/Capside-C
This malware was reported by: Sophos
W32/Domwis-H
This malware was reported by: Sophos
W32.Mytob.E@mm
This malware was reported by: Symantec
W32.Mytob.E@mm is a mass-mailing worm that uses it own SMTP engine to send an email to addresses that it gathers from the Windows Address Book on the compromised computer.
The worm also has the ability to open a back door and spread through the network
W32/Esalone-A
This malware was reported by: Sophos
W32/Agobot-QT
This malware was reported by: Sophos
W32.Selotima.A
This malware was reported by: Symantec
W32.Selotima.A is a worm that propagates through file-sharing networks and inserts itself into .zip and .rar archives.
Welcome to the Matrix Hoax
This malware was reported by: Network Associates Inc
Adware-AdultLinks
This malware was reported by: Network Associates Inc
Troj/Dowcen-Gen
This malware was reported by: Sophos
W32/Rbot-XI
This malware was reported by: Sophos
W32.Chod@mm
This malware was reported by: Symantec
W32.Chod@mm is a mass-mailing worm that also propagates using MSN Messenger. The worm has back door capabilities and can be controlled through IRC channels. It also overwrites the Hosts file and lowers security settings.
Openstream.T
This malware was reported by: F-Secure
Openstream.T is Java applet based trojan downloader,
that will download and execute a trojan that will download
spyware and adware into the system.
Openstream.T comes in a signed Java JAR file, that will download
and activate if user uses a web brow
W32/NoChod@MM
This malware was reported by: Network Associates Inc
This detection is for a worm written in Visual Basic (and subsequently packed with MEW) that bears the following characteristics:
propagates via emailconstructing messages using its own SMTP engine
target email addresses are extracted from
W32/Rbot-XS
This malware was reported by: Sophos
W32/Sumom-B
This malware was reported by: Sophos
W32.Mytob.F@mm
This malware was reported by: Symantec
W32.Mytob.F@mm is a mass-mailing worm that uses it own SMTP engine to send an email to addresses that it gathers from the Windows Address Book on the compromised computer. The email has a variable subject and attachment name.
The worm also has the a
Trojan.Adwareloader
This malware was reported by: Symantec
Trojan.Adwareloader is a Trojan horse program that lowers Windows security settings and downloads adware and spyware.
Tobecho.A
This malware was reported by: Panda Software
Tobecho.A is a worm that opens a port in the affected computer, and listens to it, acting as a backdoor. This worm receives remote control commands, such as restarting the system, downloading files, stealing information in the affected computer, etc.Tobe
W32/Agobot-QV
This malware was reported by: Sophos
W32.Mytob.G@mm
This malware was reported by: Symantec
W32.Mytob.G@mm is a mass-mailing worm that uses it own SMTP engine to send an email to addresses that it gathers from the compromised computer.
The worm also has the ability to spread through the network by exploiting the Microsoft Windows Local Secur
W32.Kelvir.H
This malware was reported by: Symantec
W32.Kelvir.H is a worm that spreads through MSN Messenger and drops a variant of W32.Spybot.Worm.
W32.Elitper.D@mm
This malware was reported by: Symantec
W32.Elitper.D@mm is a mass-mailing worm that also attempts to spread using file-sharing networks. It terminates processes, deletes files, and lowers Windows security settings.
W32.Kelvir.G
This malware was reported by: Symantec
W32.Kelvir.G is a worm that spreads through MSN Messenger and drops a variant of W32.Spybot.Worm.
W32/Rbot-XW
This malware was reported by: Sophos
W32/Agobot-QU
This malware was reported by: Sophos
PWSteal.Reanet.B
This malware was reported by: Symantec
PWSteal.Reanet.B is a Trojan horse program that displays a fake logon screen and attempts to steal account information for several financial Web sites.
PWSteal.Secucent
This malware was reported by: Symantec
PWSteal.Secucent is a Trojan horse program that attempts to collect user information using a fake Microsoft Security Center message.
W32/Agobot-QX
This malware was reported by: Sophos
W32/Rbot-XM
This malware was reported by: Sophos
W32.Serflog.C
This malware was reported by: Symantec
W32.Serflog.C is a worm that spreads through file-sharing networks and MSN Messenger. The worm also lowers security settings.
Trojan.StartPage.L
This malware was reported by: Symantec
Trojan.StartPage.L is a Trojan horse that modifies the Internet Explorer settings.
Trojan.StartPage.M
This malware was reported by: Symantec
Trojan.StartPage.M is a Trojan horse that modifies settings in Internet Explorer.
Note: Virus definitions dated prior to March 15, 2005 may detect this as Trojan.StartPage.
W32/Mytob-B
This malware was reported by: Sophos
W32/Elitper-C
This malware was reported by: Sophos
Adware-Websearch
This malware was reported by: Network Associates Inc