W32/Mytob.i@MM
This malware was reported by: Network Associates Inc
This detection is for a mass-mailing worm that combines W32/Mydoom@MM functionality with W32/Sdbot.worm functionality.
The virus arrives in an email message as follows:
From:
(Spoofed email sender)
Do not assume that the apparent s
RemAdm-RemoteAdmin
This malware was reported by: Network Associates Inc
NTRootKit-D.ini
This malware was reported by: Network Associates Inc
W32.Kassbot.A
This malware was reported by: Symantec
W32.Kassbot.A is a network-aware worm that opens a back door through IRC. The worm monitors for access to certain financial Web sites, logging keystrokes when they are visited.
W32/Mytob.k@MM
This malware was reported by: Network Associates Inc
This detection is for a mass-mailing worm that combines W32/Mydoom@MM functionality with W32/Sdbot.worm functionality.
Mail Propagation
The virus arrives in an email message as follows:
From:
(Spoofed email sender)
Do not assu
W32/Mytob.j@MM
This malware was reported by: Network Associates Inc
This detection is for a mass-mailing worm that combines W32/Mydoom@MM functionality with W32/Sdbot.worm functionality.
The virus arrives in an email message as follows:
From:
(Spoofed email sender)
Do not assume that the apparent s
W32/Sober.q!spam
This malware was reported by: Network Associates Inc
This detection covers email message spammed by the W32/Sober.q trojan
. The messages do not contain an attachment and are not infectious.
Top of Page
W32/Mytob-CK
This malware was reported by: Sophos
Troj/Zapchas-J
This malware was reported by: Sophos
Linux/Exploit-Race30
This malware was reported by: Network Associates Inc
W32/Oscabot-F
This malware was reported by: Sophos
BackDoor-CQZ
This malware was reported by: Network Associates Inc
W32.Mytob.CM@mm
This malware was reported by: Symantec
W32.Mytob.CM@mm is a mass-mailing worm that has back door capabilities and uses its own SMTP engine to send an email to addresses that it gathers from the compromised computer. The worm spreads through the network by exploiting the Microsoft Windows DC
Druogna
This malware was reported by: Network Associates Inc
Trojan.Dazheb
This malware was reported by: Symantec
Trojan.Dazheb is a Trojan horse that steals account details for dialup accounts and Yahoo Instant Messenger accounts, and sends this stolen information to a chosen email address. The Trojan may also download and execute a remote file from a specified URL
W32/Opanki-I
This malware was reported by: Sophos
W32/Netsky-C
This malware was reported by: Sophos
Troj/Vidlo-J
This malware was reported by: Sophos
W32/Sdbot-YJ
This malware was reported by: Sophos
W32.Linkbot.M
This malware was reported by: Symantec
W32.Linkbot.M is a worm that exploits the Microsoft Windows LSASS Buffer Overrun Vulnerability (Microsoft Security Bulletin MS04-011) in order to propagate. It also creates a back door on the system accessible through IRC.
Note: Definitions prior to Ma
W32.Yami.A
This malware was reported by: Symantec
W32.Yami.A is a file infector virus that infects Windows Portable Executable (PE) files on Windows XP systems. It injects itself into kernel memory and monitors file activity. The virus uses slack space to infect executable files, therefore infected file
W32/Mytob-AM
This malware was reported by: Sophos
W32/Kassbot-D
This malware was reported by: Sophos
Downloader-AAZ
This malware was reported by: Network Associates Inc
W32/Kelvir.worm.bh
This malware was reported by: Network Associates Inc
This threat was proactively detected as New Malware.h when scanning with program heuristics enabled.
This worm spreads via MSN Messenger (Note: Not the Windows Messenger service). The worm, sends the following message to Contact List recip
W32/Mytob-AN
This malware was reported by: Sophos
W32/Mytob-EM
This malware was reported by: Sophos
W32.Mytob.CP@mm
This malware was reported by: Symantec
W32.Mytob.CP@mm is a mass-mailing worm that has back door capabilities and uses its own SMTP engine to send an email to addresses that it gathers from the compromised computer. The worm spreads through the network by exploiting the Microsoft Windows Lo
Trojan.Pgpcoder
This malware was reported by: Symantec
Trojan.Pgpcoder is a Trojan horse which searches for files with various extensions and encodes them. The original files are then deleted and the newly encoded ones become unreadable.
W32/Mytob-CL
This malware was reported by: Sophos
Wurmark.L
This malware was reported by: F-Secure
Wurmark.L is an e-mail worm that spreads using several different languages.
It also drops a variant of Rbot on the infected system.
W32.Picrate.C@mm
This malware was reported by: Symantec
W32.Picrate.C@mm is a mass-mailing worm that sends copies of itself to instant messenger contacts and drops a variant of the W32.Randex family of worms.
W32/Rizon-B
This malware was reported by: Sophos
W32/Agobot-AAZ
This malware was reported by: Sophos
W32.Lanieca.B@mm
This malware was reported by: Symantec
W32.Lanieca.B@mm is a mass-mailing worm that uses its own SMTP engine to send itself to all e-mail addresses it retrieves from various locations on a compromised computer.
PWS-Postb
This malware was reported by: Network Associates Inc
W32.Elipter.F@mm
This malware was reported by: Symantec
W32.Elitper.F@mm
This malware was reported by: Symantec
W32.Elitper.F@mm is a worm that attempts to spreads using MS Outlook and file-sharing networks. It also terminates processes, deletes files, and lowers Windows security settings.
W32/Alcra-A
This malware was reported by: Sophos
W32/Mytob-CK
This malware was reported by: Sophos
Downloader-AAI
This malware was reported by: Network Associates Inc
Del-476
This malware was reported by: Network Associates Inc
W32/LastFour.ow
This malware was reported by: Network Associates Inc
The virus overwrites the existing files on the victim machine.
Upon execution, the virus makes a copy of itself based on the names of the exisiting executables found. Then all original executables(.EXE) are renamed using the last four chara
PWSteal.Bancos.V
This malware was reported by: Symantec
PWSteal.Bancos.V is a password stealing Trojan horse that logs keystrokes and steals information entered into certain banking Web sites. The Trojan may also take screenshots of certain banking Web pages in an attempt to collect passwords and other sensit
W32/Qeds-A
This malware was reported by: Sophos
W32/Farack!p2p
This malware was reported by: Network Associates Inc
PRocKill-CR
This malware was reported by: Network Associates Inc
Del-475
This malware was reported by: Network Associates Inc
Joke-OpenCloseCD
This malware was reported by: Network Associates Inc
Joke-Boredom
This malware was reported by: Network Associates Inc
Small.avu
This malware was reported by: F-Secure
W32/Rbot-ADA
This malware was reported by: Sophos
W32/Netsky-C
This malware was reported by: Sophos
Gorgs.A
This malware was reported by: Panda Software
W32.Mytob.CQ@mm
This malware was reported by: Symantec
W32.Mytob.CQ@mm is a mass-mailing worm that has back door capabilities and uses its own SMTP engine to send an email to addresses that it gathers from the compromised computer. The worm spreads through the network by exploiting the Microsoft Windows Lo
Downloader-ABC
This malware was reported by: Network Associates Inc
Adware-Xupiter
This malware was reported by: Network Associates Inc
W32/Mytob-I
This malware was reported by: Sophos
W32/Sdbot-YJ
This malware was reported by: Sophos
Downloader-ABD
This malware was reported by: Network Associates Inc
W32/Opanki.worm
This malware was reported by: Network Associates Inc
As of May 24, 2005, there are more than 20 known variants of this worm.
This threat "spreads" via a hyperlink that is received via AOL Instant Messenger. Recipients may receive a message such as:
hey check out this
hehe :) i found this
PGPcoder
This malware was reported by: Network Associates Inc
Bloodhound.Exploit.37
This malware was reported by: Symantec
Bloodhound.Exploit.37 is a heuristic detection for the Microsoft Word MCW File Handler Buffer Overflow Vulnerability as described in BID 13687.
Troj/Bancban-CW
This malware was reported by: Sophos
W32/Mytob-AN
This malware was reported by: Sophos
Adware-CommonName.dr
This malware was reported by: Network Associates Inc
PWSteal.Bancos.W
This malware was reported by: Symantec
PWSteal.Bancos.W is a password stealing Trojan horse program that logs keystrokes and steals information entered into certain banking Web sites. It may also take screenshots of certain banking web pages in an attempt to collect passwords and other sensit
W32/Mytob-CL
This malware was reported by: Sophos
W32.Kalel.A@mm
This malware was reported by: Symantec
W32.Kalel.A@mm is a mass-mailing worm that uses its own SMTP engine to spread. It also attempts to spread through various file-sharing networks.
W32/Kipis-U
This malware was reported by: Sophos
W32/Mytob-AM
This malware was reported by: Sophos
Mytob.DN
This malware was reported by: Panda Software
Mytob.DN is a worm with backdoor characteristics that connects to an IRC server in order to receive remote control commands, such as delete, download and run files.It downloads other malware to the affected computer, such as the worm detected as Faribot.
W32.Qdens.A
This malware was reported by: Symantec
W32.Qdens.A is a worm that spreads through QQ Messenger and downloads a copy of Backdoor.Powerspider.
PGPCoder.A
This malware was reported by: Panda Software
SdBot.vc
This malware was reported by: F-Secure
W32/Agobot-SN
This malware was reported by: Sophos
W32/Rizon-B
This malware was reported by: Sophos
Dialer-264
This malware was reported by: Network Associates Inc
Troj/Gpcode-B
This malware was reported by: Sophos
W32/Alcra-A
This malware was reported by: Sophos
VBS.Nukip
This malware was reported by: Symantec
VBS.Nukip is a worm that deletes system files and spreads through IRC channels.
PWSteal.Bancos.X
This malware was reported by: Symantec
PWSteal.Bancos.X is a password stealing Trojan horse that logs keystrokes and steals information entered into certain banking Web sites. The Trojan may also take screenshots of certain banking Web pages in an attempt to collect passwords and other sensit
QLowZones-19
This malware was reported by: Network Associates Inc
Troj/Molehut-A
This malware was reported by: Sophos
PWS-Banker.dr.i
This malware was reported by: Network Associates Inc
PWS-Banker.k.gen
This malware was reported by: Network Associates Inc
PWS-IW
This malware was reported by: Network Associates Inc
Joke-Amigo
This malware was reported by: Network Associates Inc
Downloader-TZ
This malware was reported by: Network Associates Inc
InService.gi
This malware was reported by: F-Secure
Trojan-Downloader.Win32.Inservice.gi is a trojan that downloads and
executes three files from the web.
PortScan-Petmar
This malware was reported by: Network Associates Inc
Troj/RNWatch-A
This malware was reported by: Sophos
W32/Rbot-ADA
This malware was reported by: Sophos
W32/Mytob-L
This malware was reported by: Sophos
W32/Mytob-I
This malware was reported by: Sophos
Tool-SRunner
This malware was reported by: Network Associates Inc
Dialer-259
This malware was reported by: Network Associates Inc
HackerDefender.ini
This malware was reported by: Network Associates Inc
Hacktool.Fresilv
This malware was reported by: Symantec
Hacktool.Fresilv is a tool used to generate small programs that download and execute remote files from a specific URL.
W32.Mydoom.BU@mm
This malware was reported by: Symantec