Adware-NDotNet
This malware was reported by: Network Associates Inc
VBS.Stefan
This malware was reported by: Symantec
VBS.Stefan is a VBScript worm that attempts to spread to other computers through file-sharing networks and lowers security settings.
SymbOS/MultiDropper.H
This malware was reported by: Network Associates Inc
Wonka
This malware was reported by: Computer Associates
SymbOS/MultiDropper.I
This malware was reported by: Network Associates Inc
Appdisabler.E
This malware was reported by: F-Secure
Appdisabler.E is a malicious SIS file trojan, which tries to disable
Symbian built in applications and drops SymbOS/Cabir.B into the device.
Cardtrap.B
This malware was reported by: F-Secure
Cardtrap.B is a minor variation of Cardtrap.A, the main differences are
that Cardtrap.B drops corrupted binaries from Doomboot.A and copies one
additional copy of Win32/Padobot.Z to memory card.
The Cardtrap.B installs Windows worms Win32/Padobot.Z
Fontal.E
This malware was reported by: F-Secure
Fontal.E is a SIS file trojan that installs corrupted Font file into infected device,
thus causing the device to fail at next reboot.
If a phone is infected with Fontal.E, it must not be rebooted as the
trojan will prevent the phone from booting aga
Fontal.F
This malware was reported by: F-Secure
Fontal.F is a SIS file trojan that installs corrupted Font file into infected device,
thus causing the device to fail at next reboot.
If a phone is infected with Fontal.F, it must not be rebooted as the
trojan will prevent the phone from booting aga
SymbOS/MultiDropper.J
This malware was reported by: Network Associates Inc
Adware-DNSErr
This malware was reported by: Network Associates Inc
Adware-HitHopper
This malware was reported by: Network Associates Inc
Adware-Bazookabar
This malware was reported by: Network Associates Inc
SymbOS/MultiDropper.K
This malware was reported by: Network Associates Inc
Multidrp.A
This malware was reported by: Panda Software
Multidrp.A is a Trojan that that only affects cellular phones that use the operating system Symbian 60 series.Multidrp.A disables certain applications by overwriting their main executable files with a copy of itself. Some of these applications belong to
SymbOS.Cardtrp.B
This malware was reported by: Symantec
SymbOS.Cardtrp.B is a Trojan horse that runs on the Symbian operating system, which is used in Nokia Series 60 cellular telephones.
The Trojan also drops W32.Ifbo.A, Backdoor.Berbew.N, W32.Wullik@mm, SymbOS.Cabir.B, and disables several applications on
TROJ_DROPPER.LZ
This malware was reported by: Trendmicro
WORM_MYTOB.KO
This malware was reported by: Trendmicro
This memory-resident worm propagates by sending out an email message containing a spoofed URL that when clicked, redirects a user to the following Web site:
SYMBOS_CARDTRP.B
This malware was reported by: Trendmicro
This Symbian malware affects mobile devices running on Symbian operating system with the Series 60 Platform user interface. Some of the affected phone models are the following:
W32.Rontokbro@mm
This malware was reported by: Symantec
W32.Rontokbro@mm is a mass-mailing worm that causes system instability.
Adware-Chitika
This malware was reported by: Network Associates Inc
W32.Autex.C
This malware was reported by: Symantec
W32.Autex.C is a worm that spreads by copying itself to mapped drives on a compromised computer.
Zafi.E
This malware was reported by: F-Secure
A new variant of Zafi worm - Zafi.E was found on 24th of
September, 2005.
For more information on the Zafi family, see description of
Zafi.D at:
http://www.f-secure.com/v-descs/zafi_d.shtml
Backdoor.Sdbot.AS
This malware was reported by: Symantec
Backdoor.Sdbot.AS is a Trojan horse program that opens a back door and lowers security settings on the compromised computer.
WORM_NETSKY.AL
This malware was reported by: Trendmicro
This worm propagates via email. It sends out copies of itself as an attachment to email messages using its own SMTP
WORM_LOVELETER.A
This malware was reported by: Trendmicro
W32.Erkez.F@mm
This malware was reported by: Symantec
W32.Erkez.F@mm is a mass-mailing worm that sends itself to email addresses gathered from the compromised computer. It attempts to disable antivirus and security processes.
WORM_SUCLOVE.A
This malware was reported by: Trendmicro
This memory-resident worm drops a copy of itself as LOVELETTER.DOC.EXE in the Windows folder. It then drops copies of itself into the Windows system folder and the root folder (usually C:). It also drops a copy of itself in drive A: as the file
WORM_ZAFI.E
This malware was reported by: Trendmicro
Upon execution, this memory-resident worm displays the following message box on an affected system:
Adware-Medload
This malware was reported by: Network Associates Inc
W32.Suclove.A@mm
This malware was reported by: Symantec
W32.Suclove.A@mm is a mass-mailing worm that uses MS Outlook to send a copy of itself to other users. It also spreads through MIRC, and opens a back door.
X97M/Majo.gen
This malware was reported by: Network Associates Inc
As this is a generic detection, the details below may not precisely match the symptoms seen with this detection. The description below is of the most common variant received by AVERT.
This is a macro virus for Excel workbooks. The infecting
Skulls.P
This malware was reported by: F-Secure
Skulls.P is a combination of several previous Skulls variants.
Skulls.P contains component files from Skulls.D and Skulls.N among
other variants.
Skulls.P also drops SymbOS/Mabir.A and several Cabir variants on the
phone and component files from Fon
Crypt.O
This malware was reported by: F-Secure
Skudoo.A
This malware was reported by: F-Secure
Skudoo.A is a combination of several previous Skulls variants.
Skudoo.A contains component files from Skulls.D and Skulls.N among
other variants.
Skudoo.A also drops several Cabir variants on the
phone and component files Doomboot.A trojan.
The Doo
Skudoo.B
This malware was reported by: F-Secure
Skudoo.B is a combination of several previous Skulls variants.
Skudoo.B contains component files from Skulls.D and Skulls.N among
other variants.
Skudoo.B also drops several Cabir variants on the
phone and component files Doomboot.A trojan.
The Doo
W32.Netsky.AN@mm
This malware was reported by: Symantec
W32.Netsky.AN@mm is a mass-mailing worm which also spreads through shared network folders.
PWSteal.Okarag
This malware was reported by: Symantec
PWSteal.Okarag is a Trojan Horse that attempts to steal information related to the Ragnarok online game, and send it to a predetermined email address.
Note: Virus definitions dated September 26th 2005 or earlier may detect this threat as PWSteal.Ragnaro
PWSteal.Okarag
This malware was reported by: Symantec
PWSteal.Okarag is a Trojan Horse that attempts to steal information related to the Ragnarok online game, and send it to a predetermined email address.
Note: Virus definitions dated September 26th 2005 or earlier may detect this threat as PWSteal.Ragnaro
Backdoor.Dagonit
This malware was reported by: Symantec
Backdoor.Dagonit is a Trojan horse that opens a back door on the compromised computer and allows a remote attacker unauthorized access.
Adware-ActivShop
This malware was reported by: Network Associates Inc
Keylog-Family
This malware was reported by: Network Associates Inc
Adware-BonziBuddy.dr
This malware was reported by: Network Associates Inc
W32.Mydoom.CI@mm
This malware was reported by: Symantec
W32.Mydoom.CI@mm is a mass-mailing worm that opens a back door and uses its own SMTP engine to spread through email.
Adware-7FaSSt
This malware was reported by: Network Associates Inc
Adware-SpeedBar
This malware was reported by: Network Associates Inc
Adware-AdPopper
This malware was reported by: Network Associates Inc
NTPacker
This malware was reported by: Computer Associates
Appdisabler.F
This malware was reported by: F-Secure
Appdisabler.F is a malicious SIS file trojan, which tries to disable
Symbian built in applications.
Skulls.Q
This malware was reported by: F-Secure
Skulls.Q is a combination of several previous Skulls variants.
Skulls.Q contains component files from Skulls.D and Skulls.N among
other variants.
Skulls.Q also drops SymbOS/Commwarrior.B and several Cabir variants on the
phone and component files fr
W32/Suclove@MM
This malware was reported by: Network Associates Inc
This is a mass-mailing worm that uses Microsoft Outlook to send itself to all users found in the Outlook address book.
It can also spread via IRC.
It opens a TCP port on the infected machine to allow remote execution of arbitary program
PWSteal.Gamanlock
This malware was reported by: Symantec
PWSteal.Gamanlock is a Trojan horse that steals information and sends it to predetermined Web servers.
PWS-AOLPhish
This malware was reported by: Network Associates Inc
Downloader-IF
This malware was reported by: Network Associates Inc
W97M.Rodun
This malware was reported by: Symantec
W97M.Rodun is a destructive macro virus that deletes files in certain folders and infects the Normal.dot file.
Backdoor.Hesive
This malware was reported by: Symantec
Backdoor.Hesive is a Trojan horse that opens a back door on the compromised computer and allows a remote attacker unauthorized access. The Trojan may arrive as a Microsoft Access file that exploits the Microsoft Jet Database Engine Malformed Database F
Backdoor.Banito
This malware was reported by: Symantec
Backdoor.Banito is a Trojan horse that logs keystrokes and opens a back door allowing a remote attacker to have unauthorized access to the compromised computer.
WorldAntiSpy
This malware was reported by: Panda Software
BKDR_IRCBOT.AV
This malware was reported by: Trendmicro
This backdoor may arrive on a system when a user clicks on a link within an instant message sent via AOL Instant Messenger. The said message appears as follows:
Fantibag
This malware was reported by: Network Associates Inc
WORM_RONTOKBRO.A
This malware was reported by: Trendmicro
Sdbot.FEX
This malware was reported by: Panda Software
WORM_RBOT.BRQ
This malware was reported by: Trendmicro
This worm arrives from network shares. It may also be downloaded from a certain Web site. As of this writing, however, the said site is inaccessible.
Trojan.Neasemal
This malware was reported by: Symantec
Trojan.Neasemal is a Trojan horse that connects to a predetermined Web site to get an IP address list. The Trojan then connects to each of the IP addresses listed and attempts to download and execute a file. It also logs keystrokes and saves them to a fi
Adware-BestOffers
This malware was reported by: Network Associates Inc
Trojan.Mdropper.C
This malware was reported by: Symantec
Trojan.Mdropper.C is a Trojan horse that drops a file on the compromised computer. It spreads by exploiting the Microsoft Visual Basic For Applications Document Handling Buffer Overrun Vulnerability (as described in the Microsoft Security Bulletin MS03
WORM_RONTOKBRO.B
This malware was reported by: Trendmicro
SYMBOS_FONTAL.C
This malware was reported by: Trendmicro
This malware affects mobile devices running under the Symbian OS with the Series 60 Platform user interface. Some of the affected mobile phones are Nokia 3650, Nokia 6600, Nokia 7650, Panasonic X700, Siemens SX1, and Sendo X.
W32/Mytob.gen@MM!14e3
This malware was reported by: Network Associates Inc
This variant is detected as W32/Mytob.gen@MM
with the 4564 DAT files, or newer.
This detection is for a mass-mailing worm that combines W32/Mydoom@MM functionality with W32/Sdbot.worm functionality.
Mail Propagation
The virus a
WORM_MYTOB.KR
This malware was reported by: Trendmicro
This worm arrives as an attachment to certain email messages. The email message usually poses as an account notification in order to trick a user into downloading and executing the attachment.
Alemod.I
This malware was reported by: Computer Associates
Eyeveg.L
This malware was reported by: Computer Associates
Description Win32.Eyeveg.L is a worm that spreads via e-mail, and may be ordered by a remote controller to also spread via network shares. It acts as a keylogger, al
Dampig.B
This malware was reported by: F-Secure
Dampig.B is a malicious SIS file dropper, that pretends to be
a pirate copied versopn of FaceWave application.
The Dampig.B disables some system applications and third party file managers
and installs several variants of Cabir worm on the phone.
The
W32.Alcra.D
This malware was reported by: Symantec
W32.Alcra.D is a worm that spreads through the Limewire file-sharing network. It attempts to disable several programs and drop a W32.Spybot.Worm variant on the compromised computer.
W32.Magflag.A@mm
This malware was reported by: Symantec
W32.Magflag.A@mm is a mass-mailing worm that also spreads to file sharing networks. It also downloads and execute remote files.
Appdisabler.G
This malware was reported by: F-Secure
Appdisabler.G is a malicious SIS file trojan, which tries to disable
Symbian built in and third party applications and drops
several different variants of SymbOS/Cabir into the device.
VMProtect
This malware was reported by: F-Secure
VMProtect is a Russian-made security envelope and file compressor
utility that makes reverse engineering of protected software
quite difficult. According to reports, VMProtect has been lately
used to obfuscate malicious software, so heuristic detectio
WORM_YABE.B
This malware was reported by: Trendmicro
This memory-resident worm spreads copies of itself as an attachment to email messages that it sends to target recipients using its own Simple Mail Transfer Protocol (SMTP) engine. This SMTP engine enables this worm to send bulk messages without havi
W32/Mytob.worm!1068
This malware was reported by: Network Associates Inc
This detection is for a mass-mailing worm that combines W32/Mydoom@MM functionality with W32/Sdbot.worm functionality.
Mail Propagation
The virus arrives in an email message as follows:
From:
(Spoofed email sender)
Do not ass
W32/Mytob.gen@MM!1bf
This malware was reported by: Network Associates Inc
This detection is for a mass-mailing worm that combines W32/Mydoom@MM functionality with W32/Sdbot.worm functionality.
Mail Propagation
The virus arrives in an email message as follows:
From:
(Spoofed email sender)
Do not ass
Backdoor.Novacal
This malware was reported by: Symantec
Backdoor.Novacal is a back door server program that allows a remote attacker unauthorized access to a compromised computer.
Agent.APB
This malware was reported by: Panda Software
Sdbot.FEP
This malware was reported by: Panda Software
New Malware.t
This malware was reported by: Network Associates Inc
Downloader-AFN
This malware was reported by: Network Associates Inc
W32/Randbot.worm.dam
This malware was reported by: Network Associates Inc
This is a generic detection for W32/Sdbot.worm. For more information, please see:
http://vil.nai.com/vil/content/v_100454.htm
If the detection name suffix is ".dam" then the worm is damaged and does not execute.
Top of Page
W32/Mytob.worm!1e
This malware was reported by: Network Associates Inc
This variant is detected as W32/Mytob.worm with the 4545 DAT files, or newer.
This detection is for a mass-mailing worm that combines W32/Mydoom@MM functionality with W32/Sdbot.worm functionality.
Mail Propagation
The virus arrives
W32/Mytob.worm!212f
This malware was reported by: Network Associates Inc
This variant is detected as W32/Mytob.worm with the 4545 DAT files, or newer.This detection is for a mass-mailing worm that combines W32/Mydoom@MM functionality with W32/Sdbot.worm functionality.
Mail Propagation
The virus arrives i
Adware-MediaTickets
This malware was reported by: Network Associates Inc
W32/Mytob.gen@MM!289d
This malware was reported by: Network Associates Inc
This variant is detected as W32/Mytob.gen@MM
with the 4564 DAT files, or newer.
This detection is for a mass-mailing worm that combines W32/Mydoom@MM functionality with W32/Sdbot.worm functionality.
Mail Propagation
The virus a
W32/Mytob.ej@MM
This malware was reported by: Network Associates Inc
This variant is detected as W32/Mytob.gen@MM
with the 4590 DAT files, or newer.
This detection is for a mass-mailing worm that combines W32/Mydoom@MM functionality with W32/Sdbot.worm functionality.
Mail Propagation
The virus a
Generic AdClicker.b
This malware was reported by: Network Associates Inc
Generic AdClicker.a
This malware was reported by: Network Associates Inc
Generic AdClicker.g
This malware was reported by: Network Associates Inc
Generic AdClicker.e
This malware was reported by: Network Associates Inc
Generic AdClicker.f
This malware was reported by: Network Associates Inc
Generic AdClicker.d
This malware was reported by: Network Associates Inc
Generic AdClicker.c
This malware was reported by: Network Associates Inc
Generic Downloader.ak
This malware was reported by: Network Associates Inc
Generic Downloader.aj
This malware was reported by: Network Associates Inc