W32/Demotrayo.worm
This malware was reported by: Network Associates Inc
Detection was added to cover for a worm threat with the original filename being "rundl32.exe
", having a filesize of 36352 bytes. The file is written using the Borland Delphi development tool. To hide its actual code the file is internally
Del-471
This malware was reported by: Network Associates Inc
Drever.C
This malware was reported by: F-Secure
Skulls.F
This malware was reported by: F-Secure
Skulls.F is an edited version of Skulls.D SIS file trojan,
it contains several variants of Cabir worm, and several
copies of Locknut.B trojan.
Skulls.F is still under analysis, detailed information will
be provided in near future.
Drever.B
This malware was reported by: F-Secure
Drever.B is a malicious SIS file trojan that disables the
automatic startup from Simworks Symbian Anti-Virus software.
Drever.B does not affect F-Secure Mobile Anti-Virus.
Crowt.B
This malware was reported by: Panda Software
Crowt.B is a worm that opens a backdoor, which allows to remotely control the affected computer and receive additional commands.Crowt.B also installs a keylogger, which could be used to reveal personal or confidential information, such as passwords.Crowt
Troj/Bancos-BU
This malware was reported by: Sophos
W32/Poebot-K
This malware was reported by: Sophos
Mydoom.BH
This malware was reported by: Panda Software
Mydoom.BH is a worm that downloads an executable file from a certain web page.Mydoom.BH spreads via e-mail and through the peer-to-peer (P2P) file sharing program KaZaA.
Proxy-OSS
This malware was reported by: Network Associates Inc
W32/Rbot-ZA
This malware was reported by: Sophos
Troj/Dloader-JQ
This malware was reported by: Sophos
Troj/Bdoor-FW
This malware was reported by: Sophos
W32/Sumom-C
This malware was reported by: Sophos
StartPage-DI
This malware was reported by: Network Associates Inc
Trojan.Alwayup
This malware was reported by: Symantec
Trojan.Alwayup is a Trojan horse that attempts to steal system information. The Trojan also downloads and executes the latest version of itself it on the compromised computer.
Note: Virus definitions dated March 21,2005 or earlier may detect this thre
StartPage-FI
This malware was reported by: Network Associates Inc
Troj/Bancos-BV
This malware was reported by: Sophos
Troj/Banker-HE
This malware was reported by: Sophos
Downloader.BHV
This malware was reported by: Panda Software
W32/MyDoom-BH
This malware was reported by: Sophos
Mydoom.AQ
This malware was reported by: F-Secure
Mydoom.AQ is a minor variant of Mydoom.AM worm. It spreads
in e-mails with different subject and body texts, and attempts
to spread in several P2P networks.
Please read the following page for more information:
http://www.f-secure.com/v-descs/mydoom
Trojan.Mochi
This malware was reported by: Symantec
Trojan.Mochi is a Trojan horse program that relays spam.
W32/Catc-A
This malware was reported by: Sophos
W32/Sdbot-WE
This malware was reported by: Sophos
Backdoor.Fuwudoor
This malware was reported by: Symantec
Backdoor.Fuwudoor is a back door Trojan that allows unauthorized access to a compromised computer and attempts to hide its presence.
W32/BlackMagic.bat
This malware was reported by: Network Associates Inc
PWSteal.Ldpinch.E
This malware was reported by: Symantec
PWSteal.Ldpinch.E is a password stealing Trojan horse program that opens a back door and attempts to steal information from a compromised computer.
Backdoor.Livehar
This malware was reported by: Symantec
Backdoor.Livehar is a Linux-based Trojan horse that attempts to open a back door on the compromised computer. The Trojan opens a raw IP socket and sends customized ICMP packets through it. This allows the remote attacker to communicate with the back door
Troj/PurScan-W
This malware was reported by: Sophos
Troj/Feutel-B
This malware was reported by: Sophos
PowerScan
This malware was reported by: Network Associates Inc
Testing
This malware was reported by: F-Secure
Adware-FreeComm.dr
This malware was reported by: Network Associates Inc
Adware-FreeComm
This malware was reported by: Network Associates Inc
Adware-FreeComm.dldr
This malware was reported by: Network Associates Inc
W32/Agobot-RC
This malware was reported by: Sophos
W32/Rbot-YV
This malware was reported by: Sophos
Downloader-WY
This malware was reported by: Network Associates Inc
Adware-GoogleMS
This malware was reported by: Network Associates Inc
Backdoor.Dextenea
This malware was reported by: Symantec
Backdoor.Dextenea is a Linux-based Trojan horse that attempts to open a back door and uses various malicious programs to conceal its presence.
Troj/Bancos-BU
This malware was reported by: Sophos
W32/Sdbot.worm!184320
This malware was reported by: Network Associates Inc
This is a variant of
W32/Sdbot.worm
which bears strong resemblance to the many other members of this rapidly growing family.
It is detected as W32/Sdbot.worm.gen.h
with the specified engine and DATs, and bears the look for vulner
Adware-Ilookup
This malware was reported by: Network Associates Inc
W32/Agobot-RB
This malware was reported by: Sophos
W32/Rbot-ZA
This malware was reported by: Sophos
Backdoor.Nibu.J
This malware was reported by: Symantec
Backdoor.Nibu.J opens a back door on a compromised computer. It also runs a keylogger, periodically sending the stolen information to a predetermined email address.
W32/Sdbot-WG
This malware was reported by: Sophos
Troj/Bdoor-FW
This malware was reported by: Sophos
X97M.Dropo
This malware was reported by: Symantec
X97M.Dropo is a Microsoft Excel macro virus that drops two Trojan horse applications and infects all Excel worksheets.
Adware-SaveNow
This malware was reported by: Network Associates Inc
BackDoor-CPG
This malware was reported by: Network Associates Inc
W32/Mytob-D
This malware was reported by: Sophos
Troj/Bancos-BV
This malware was reported by: Sophos
W32.Mytob.J@mm
This malware was reported by: Symantec
W32.Mytob.J@mm is a mass-mailing worm that has back door capabilities and uses its own SMTP engine to send emails to addresses that it gathers from the compromised computer.
The worm spreads through the network by exploiting the Microsoft Windows Loca
W32/Mytob-E
This malware was reported by: Sophos
StartPage-GC
This malware was reported by: Network Associates Inc
StartPage-GQ
This malware was reported by: Network Associates Inc
StartPage-GL
This malware was reported by: Network Associates Inc
StartPage-GG
This malware was reported by: Network Associates Inc
StartPage-GE
This malware was reported by: Network Associates Inc
W32.Clunk.A
This malware was reported by: Symantec
W32.Clunk.A is a password-stealing worm that propagates through network file shares. It captures text typed into Internet Explorer and takes screenshots of browser windows, attempting to collect passwords and other sensitive information.
W32/Mytob-G
This malware was reported by: Sophos
W32/Catc-A
This malware was reported by: Sophos
W32.Mytob.K@mm
This malware was reported by: Symantec
W32.Mytob.K@mm is a mass-mailing worm with back door capabilities. The worm uses its own SMTP engine to send email to addresses that it gathers from the compromised computer. The worm also spreads by exploiting the Microsoft Windows Local Security Auth
W32.Mytob.L@mm
This malware was reported by: Symantec
W32.Mytob.L@mm is a mass-mailing worm with back door capabilities. The worm uses its own SMTP engine to send email to addresses that it gathers from the compromised computer. The worm also spreads by exploiting the Microsoft Windows Local Security Auth
W32.Reidana.A
This malware was reported by: Symantec
W32.Reidana.A is a worm that spreads by using the Microsoft Windows DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026). The worm attempts to download and execute a remote file.
W32.Mytob.M@mm
This malware was reported by: Symantec
W32.Mytob.M@mm is a mass-mailing worm with back door capabilities. The worm uses its own SMTP engine to send email to addresses that it gathers from the compromised computer. The worm also spreads by exploiting the Microsoft Windows Local Security Auth
W32.Mytob.O@mm
This malware was reported by: Symantec
W32.Mytob.O@mm is a mass-mailing worm with back door capabilities. The worm uses its own SMTP engine to send email to addresses that it gathers from the compromised computer. The worm also spreads by exploiting the Microsoft Windows Local Security Auth
W32/Agobot-RE
This malware was reported by: Sophos
Troj/PurScan-W
This malware was reported by: Sophos
W32.Elitper.E@mm
This malware was reported by: Symantec
W32.Elitper.E@mm is a worm that attempts to spreads using MS Outlook and file-sharing networks. It also terminates processes, deletes files, and lowers Windows security settings.
SymbOS.Skulls.F
This malware was reported by: Symantec
SymbOS.Skulls.F is a Symbian Trojan horse that propagates through Bluetooth-enabled devices in series 60 phones. The Trojan also disables several applications.
SymbOS.Skulls.E
This malware was reported by: Symantec
SymbOS.Skulls.E is a Symbian Trojan horse program that propagates through Bluetooth-enabled devices in series 60 phones. The Trojan also disables several applications and installs a variant of the SymbOS.Cabir worm .
SymbOS.Drever.C
This malware was reported by: Symantec
SymbOS.Drever.C is a Trojan horse that disables certain Symbian OS antivirus programs by overwriting their startup files. It is reported that the antivirus programs affected by this Trojan are Kaspersky, Simworks, and F-Secure Symbian antivirus products.
SymbOS.Drever.B
This malware was reported by: Symantec
SymbOS.Drever.B is a Trojan horse that disables certain Symbian OS antivirus programs by overwriting their startup files. The antivirus program affected by this Trojan is SimWorks Anti-Virus for Symbian OS.
It has been reported that the Trojan can be do
SymbOS.Drever.A
This malware was reported by: Symantec
SymbOS.Drever.A is a Trojan horse that disables certain Symbian OS antivirus programs by overwriting their startup files.
W32/Mytob-K
This malware was reported by: Sophos
W32/Agobot-RC
This malware was reported by: Sophos
W32/Mytob-N
This malware was reported by: Sophos
W32/Rbot-DP
This malware was reported by: Sophos
Adware-IMIServ
This malware was reported by: Network Associates Inc
W32.Mytob.Q@mm
This malware was reported by: Symantec
W32.Mytob.Q@mm is a mass-mailing worm with back door capabilities that is infected with W32.Pinfi. The worm uses its own SMTP engine to send email to addresses that it gathers from the compromised computer.
The worm also spreads by exploiting the Micr
W32.Mytob.S@mm
This malware was reported by: Symantec
W32.Mytob.S@mm is a mass-mailing worm with back door capabilities that uses its own SMTP engine to send email to addresses that it gathers from the compromised computer.
The worm also spreads by exploiting the Microsoft Windows Local Security Authority
W32.Mytob.R@mm
This malware was reported by: Symantec
Trojan.Phel.B
This malware was reported by: Symantec
Trojan.Phel.B is a Trojan horse that is distributed as an .html file and attempts to exploit the Microsoft Internet Explorer HTML Help Control Local Zone Security Restriction Bypass vulnerability (described in Microsoft Security Bulletin MS05-001). If t
Trojan.KillAV.F
This malware was reported by: Symantec
Trojan.KillAV.F is a Trojan horse that installs a Browser Helper Object(BHO) and disables security software. This BHO causes the browser to download a variant of PWSteal.Bankash.
Trojan.LowZones
This malware was reported by: Symantec
Trojan.LowZones is a Trojan horse that lowers Interner Explorer security settings.
Troj/HideDial-E
This malware was reported by: Sophos
W32/Agobot-RB
This malware was reported by: Sophos
W32.Kelvir.J
This malware was reported by: Symantec
W32.Kelvir.J is a worm that spreads through MSN Messenger. It attempts to download and execute a remote file.
PWSteal.Bankash.E
This malware was reported by: Symantec
PWSteal.Bankash.E is a Trojan horse program that attempts to steal passwords and usernames for certain financial Web sites. The Trojan will also disable antivirus software.
W32/Sdbot-WK
This malware was reported by: Sophos
W32/Sdbot-WG
This malware was reported by: Sophos
W32/Mytob-H
This malware was reported by: Sophos
W32/Mytob-D
This malware was reported by: Sophos
W32/Wifil.worm!p2p
This malware was reported by: Network Associates Inc
BackDoor-COQ
This malware was reported by: Network Associates Inc
W32/Sdbot-WM
This malware was reported by: Sophos
W32/Mytob-E
This malware was reported by: Sophos