Skulls.H
This malware was reported by: F-Secure
Skulls.H is an edited version of Skulls.D SIS file trojan,
it contains several variants of Cabir worm, and several
copies of Locknut.B trojan.
Skulls.H is still under analysis, detailed information will
be provided in near future.
Skulls.G
This malware was reported by: F-Secure
Skulls.G is an edited version of Skulls.D SIS file trojan.
Skulls.G is still under analysis, detailed information will
be provided in near future.
W32.Sory.A
This malware was reported by: Symantec
W32/Kelvir-F
This malware was reported by: Sophos
W32/Agobot-RE
This malware was reported by: Sophos
Bloodhound.Exploit.31
This malware was reported by: Symantec
Dyfuca
This malware was reported by: F-Secure
W32/Elitper-E
This malware was reported by: Sophos
W32/Mytob-K
This malware was reported by: Sophos
Adware-PowerStrip
This malware was reported by: Network Associates Inc
W32/Sdbot-WN
This malware was reported by: Sophos
W32/Mytob-N
This malware was reported by: Sophos
W32/Forbot-Gen
This malware was reported by: Sophos
Trojan.Anicmoo.C
This malware was reported by: Symantec
PWSteal.Reanet.C
This malware was reported by: Symantec
Trojan.Littlog
This malware was reported by: Symantec
PP97M.Xjan.dr
This malware was reported by: Symantec
Backdoor.Botnachala
This malware was reported by: Symantec
X97M.Grazz.A
This malware was reported by: Symantec
SymbOS.Skulls.G
This malware was reported by: Symantec
Troj/PcClient-D
This malware was reported by: Sophos
Troj/HideDial-E
This malware was reported by: Sophos
Dialer-RAS.at.gen
This malware was reported by: Network Associates Inc
W32/Zelly
This malware was reported by: Network Associates Inc
SymbOS.Skulls.H
This malware was reported by: Symantec
W32/Ahker-F
This malware was reported by: Sophos
W32/Sdbot-WK
This malware was reported by: Sophos
Adware-3rdEye
This malware was reported by: Network Associates Inc
W32/Sdbot-WQ
This malware was reported by: Sophos
W32/Mytob-H
This malware was reported by: Sophos
Adware-4Arcade
This malware was reported by: Network Associates Inc
Adware-123Search
This malware was reported by: Network Associates Inc
Backdoor.Lateda.C
This malware was reported by: Symantec
Adware-2ndThought
This malware was reported by: Network Associates Inc
Adware-2Spy
This malware was reported by: Network Associates Inc
Backdoor.Fivsec
This malware was reported by: Symantec
W32/Rbot-APR
This malware was reported by: Sophos
W32/Mytob-G
This malware was reported by: Sophos
3rdEye
This malware was reported by: Network Associates Inc
Keylog-2Spy
This malware was reported by: Network Associates Inc
BigBrother
This malware was reported by: Network Associates Inc
W32.Zori.B
This malware was reported by: Symantec
W32.Kelvir.K
This malware was reported by: Symantec
W32.Sober.N@mm
This malware was reported by: Symantec
W32/Mytob-O
This malware was reported by: Sophos
W32/Sdbot-WM
This malware was reported by: Sophos
Mydoom.BN
This malware was reported by: Panda Software
Mydoom.BN is a worm that creates several execution threads. The first thread creates a file with a random text and opens the Notepad in order to display it when the worm is run.Mydoom.BN spreads via e-mail, in a message with variable chara
Mytob.P
This malware was reported by: Panda Software
Mytob.P is a worm with backdoor characteristics. It connects to a server and accepts remote control commands that are run in the affected computed.In addition to this, Mytob.P prevents the user from accessing certain web pages belonging to antivirus comp
Beliu.A
This malware was reported by: Panda Software
Beliu.A is a backdoor that connects to the website liubei.8866.org in order to accept remote control commands such as download, modify or delete files, run files, end processes, etc.It uses the port 8080 and the HTTP protocol in order to connect to the s
Troj/Bancos-BY
This malware was reported by: Sophos
W32/Kelvir-F
This malware was reported by: Sophos
W32/Stubbot-A
This malware was reported by: Sophos
W32/Elitper-E
This malware was reported by: Sophos
W32.Mytob.U@mm
This malware was reported by: Symantec
W32.Mytob.U@mm is a mass-mailing worm that has back door capabilities and uses its own SMTP engine to send an email to addresses that it gathers from the compromised computer.
The worm spreads through the network by exploiting the Microsoft Windows DCO
W32.Mydoom.BI@mm
This malware was reported by: Symantec
W32.Mydoom.BI@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses that it finds on an compromised computer. It also attempts to spread through file-sharing networks.
Trojan.Pim
This malware was reported by: Symantec
Trojan.Pim is a Trojan horse that downloads and sends emails.
W32.Ahker.F@mm
This malware was reported by: Symantec
W32.Ahker.F@mm is a mass-mailing worm that uses MAPI to send a copy of itself to email addresses gathered from the compromised computer.
Trojan.Ascetic.B
This malware was reported by: Symantec
Trojan.Ascetic.B uses its own SMTP engine to send the email addresses that it finds on the infected computer to some predefined email addresses. The email address of the sender is spoofed. The subject is randomly generated text.
Note: Definitions prior
W32/Rbot-ZN
This malware was reported by: Sophos
Troj/BankAsh-F
This malware was reported by: Sophos
Troj/PcClient-D
This malware was reported by: Sophos
W32.Mytob.V@mm
This malware was reported by: Symantec
W32.Mytob.V@mm is a mass-mailing worm that uses it own SMTP engine to send an email to addresses that it gathers from files on the compromised computer. The email has a variable subject and attachment name. The attachment will have a .bat, .cmd, .doc, .
W32.Chod.B@mm
This malware was reported by: Symantec
W32.Chod.B@mm is a mass-mailing worm that also propagates using MSN Messenger. The worm has back door capabilities and can be controlled through IRC channels. It also overwrites the Hosts file to block access to several Web sites.
Troj/StartPa-FM
This malware was reported by: Sophos
W32/Ahker-F
This malware was reported by: Sophos
VBS.Haster@mm
This malware was reported by: Symantec
VBS.Ypsan.C@mm is a mass mailing VBScript worm that uses Microsoft Outlook to send itself to all email addresses in the Microsoft Outlook address book.
Note: Definitions dated prior to April 6, 2005 detect this threat as VBS.Haster@mm.
PWSteal.Lemir.H
This malware was reported by: Symantec
PWSteal.Lemir.H is a Trojan horse program that attempts to steal passwords for the Legend of Mir 2 online game.
W32/Rbot-ZP
This malware was reported by: Sophos
W32/Sdbot-WQ
This malware was reported by: Sophos
Mabir.A
This malware was reported by: F-Secure
Mabir is a worm that operates on Symbian Series 60 devices,
the Mabir worm is capable of spreading both over Bluetooth and MMS messages.
When Mabir.A infects a phone it will start searching other phones
that in can reach over Bluetooth and send infe
W32/Sdbot-WS
This malware was reported by: Sophos
W32/Rbot-APR
This malware was reported by: Sophos
SymbOS.Mabir
This malware was reported by: Symantec
SymbOS.Mabir is a worm that propagates through Bluetooth and MMS. The worm runs on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones.
W32.Envid.O@mm
This malware was reported by: Symantec
W32.Envid.O@mm is a mass-mailing worm that sends email to all addresses found in the Windows Address Book. The email contains a link to a Web site that contains a copy of the worm. The worm lowers security settings by terminating processes related to ant
VBS.Kuullio@mm
This malware was reported by: Symantec
VBS.Kuullio@mm is a mass-mailing worm that sends itself to all email addresses gathered from the Windows Address Book and attempts to shut down the compromised computer. The email has the following characteristics:
Subject: Movies
Attachment: Date.POP.v
W32.AllocUp.A
This malware was reported by: Symantec
W32.AllocUp.A is a network-aware worm that opens a back door on a random TCP port. The worm attempts to spread by exploiting the Microsoft Windows Local Security Authority Service Remote Buffer Overflow (as described in Microsoft Security Bulletin MS0
W32/Rbot-ZQ
This malware was reported by: Sophos
W32/Mytob-O
This malware was reported by: Sophos
W32/Mytob-Q
This malware was reported by: Sophos
Troj/Bancos-BY
This malware was reported by: Sophos
VBS/Ardin
This malware was reported by: Network Associates Inc
This VBS/Ardin affects users who have the Windows Scripting Host (part of Internet Explorer 5), and Microsoft Outlook installed.
VBS/Ardin arrives in an email with the following characteristics:
Subject : hey
Body : who are u
Downloader-NI
This malware was reported by: Network Associates Inc
Downloader-MP
This malware was reported by: Network Associates Inc
Downloader-LT
This malware was reported by: Network Associates Inc
Downloader-LG
This malware was reported by: Network Associates Inc
VBS/Yksk
This malware was reported by: Network Associates Inc
This virus overwrites the local HOSTS file (such as c:windowssystem32driversetchosts) to prevent the local system from accessing domain names. It also attempts to connect to a remote website, to download and automatically execute several fi
VBS/Umbriel.b
This malware was reported by: Network Associates Inc
When run, the virus may try to delete the following directorys:
"C:Program filesNorton AntiVirus"
"C:Program filesAVP"
"C:Program filesSYMANTEC"
VBS/Umbriel.b also creates the file windows.cmd in the windows directory which contains c
VBS/SSIWG.worm
This malware was reported by: Network Associates Inc
This VBS/SSIWG.worm affects users who have the Windows Scripting Host (part of Internet Explorer 5), and Microsoft Outlook installed.
VBS/SSIWG.worm arrives in an email with the following characteristics:
Subject : Re: Counterstrike
W32/Mytob-R
This malware was reported by: Sophos
W32/Stubbot-A
This malware was reported by: Sophos
W32.Mytob.AA@mm
This malware was reported by: Symantec
W32.Mytob.AA@mm is a mass-mailing worm that uses it own SMTP engine to send an email to addresses that it gathers from files on the compromised computer. The email has a variable subject and attachment name. The attachment will have a .bat, .cmd, .doc,
Troj/Bdoor-ZAT
This malware was reported by: Sophos
Troj/BankAsh-F
This malware was reported by: Sophos
Troj/Agent-CZ
This malware was reported by: Sophos
W32/Rbot-ZN
This malware was reported by: Sophos
SymbOS/Mabir
This malware was reported by: Network Associates Inc
This is a new worm that uses Bluetooth communication and Multimedia-Messaging to transmit iself in the form of a Symbian SIS package from one mobile phone to another. The worm works on "Series60" mobile devices. P
More details will be poste
VBS.Ypsan.B@mm
This malware was reported by: Symantec
VBS.Ypsan.B@mm is a mass-mailing worm that also attempts to propagate through file-sharing networks.
W32.Kelvir.M
This malware was reported by: Symantec
W32.Kelvir.M is a worm that spreads through MSN Messenger and drops a variant of W32.Spybot.Worm.
Mytob.S
This malware was reported by: Panda Software
Mytob.S is a worm with backdoor characteristics. It connects to a server and accepts remote control commands that are run in the affected computed.In addition to this, Mytob.S prevents the user from accessing certain web pages belonging to antivirus comp
Mytob.U
This malware was reported by: Panda Software
Mytob.U is a worm with backdoor characteristics. It connects to a server and accepts remote control commands that are run in the affected computed.In addition to this, Mytob.U prevents the user from accessing certain web pages belonging to antivirus comp