Generic Downloader.aj
This malware was reported by: Network Associates Inc
Generic Downloader.ai
This malware was reported by: Network Associates Inc
Generic Downloader.ah
This malware was reported by: Network Associates Inc
Generic Downloader.ag
This malware was reported by: Network Associates Inc
Generic Downloader.af
This malware was reported by: Network Associates Inc
Generic Downloader.ae
This malware was reported by: Network Associates Inc
Generic Downloader.ad
This malware was reported by: Network Associates Inc
Generic Downloader.ac
This malware was reported by: Network Associates Inc
Generic Downloader.ab
This malware was reported by: Network Associates Inc
Generic Downloader.aa
This malware was reported by: Network Associates Inc
Adware-Globosearch
This malware was reported by: Network Associates Inc
Puper
This malware was reported by: Network Associates Inc
Joke-Elite
This malware was reported by: Network Associates Inc
Evul joke
This malware was reported by: Network Associates Inc
Joke-FakeReboot
This malware was reported by: Network Associates Inc
Joke-FakeDel
This malware was reported by: Network Associates Inc
Joke-FlaGhost
This malware was reported by: Network Associates Inc
Joke-FakeStart
This malware was reported by: Network Associates Inc
Joke-Hearts
This malware was reported by: Network Associates Inc
Joke-HappyHoli
This malware was reported by: Network Associates Inc
Joke-Gspot
This malware was reported by: Network Associates Inc
Joke-Futray
This malware was reported by: Network Associates Inc
Joke-Friendly
This malware was reported by: Network Associates Inc
Joke-Idot
This malware was reported by: Network Associates Inc
BKDR_LITBOT.C
This malware was reported by: Trendmicro
When executed, this backdoor program drops and executes a copy of itself in the Windows folder using the same file name as the originally executed file. After executing its copy, it then deletes the original file.
Joke-Lady
This malware was reported by: Network Associates Inc
Joke-Jkozd
This malware was reported by: Network Associates Inc
Joke-Illegal
This malware was reported by: Network Associates Inc
Cardblock.A
This malware was reported by: F-Secure
SymbOS/Cardblock.A is a trojanized version of Symbian application
InstantSis created by Biscompute.
When installed Cardblock.A appears be a cracked version of InstallSis
providing user with ability to repack already installed SIS files and
copy the
WORM_SDBOT.CIL
This malware was reported by: Trendmicro
This worm spreads via AOL Instant Messenger, a popular instant messaging application.
Joke-Lamicho
This malware was reported by: Network Associates Inc
Backdoor.Sparta.D
This malware was reported by: Symantec
Backdoor.Sparta.D is Trojan horse that opens a back door, which can be controlled through IRC channels by a remote attacker.
Adware-EZSearch.dr
This malware was reported by: Network Associates Inc
Trojan.Startpage.Q
This malware was reported by: Symantec
Trojan.Startpage.Q is a Trojan horse that attempts to change the Internet Explorer home page and related registry keys.
Adware-Ezula.dr
This malware was reported by: Network Associates Inc
Puper.dll
This malware was reported by: Network Associates Inc
Adware-TSADB
This malware was reported by: Network Associates Inc
Adware-SafeSurf
This malware was reported by: Network Associates Inc
Generic Downloader.q
This malware was reported by: Network Associates Inc
WORM_WURMARK.S
This malware was reported by: Trendmicro
Like other WURMARK variants, this memory-resident worm arrives on a system via email messages. It propagates by sending email messages with a zipped copy of itself as an attachment. Refer to the Technical Details section for the details of the email
WORM_ZOTOB.P
This malware was reported by: Trendmicro
Like other ZOTOB variants, this memory-resident worm takes advantage of the Microsoft Windows Plug and Play vulnerability to propagate across networks. For more information regarding the said vulnerability, refer to the following Microsoft Web page:
SYMBOS_CARDBLK.A
This malware was reported by: Trendmicro
This Symbian malware affects mobile devices running the Symbian operating system with the Series 60 Platform user interface. Some of the mobile phones affected by this malware are the following:
Eyeveg.N
This malware was reported by: Computer Associates
Description Win32.Eyeveg.N is a worm that spreads via e-mail, and may be ordered by a remote controller to also spread via network shares. It acts as a keylogger, al
Eyeveg.O
This malware was reported by: Computer Associates
Description Win32.Eyeveg.O is a worm that spreads via e-mail, and may be ordered by a remote controller to also spread via network shares. It acts as a keylogger, al
Eyeveg.M
This malware was reported by: Computer Associates
Description Win32.Eyeveg.M is a worm that spreads via e-mail, and may be ordered by a remote controller to also spread via network shares. It acts as a keylogger, al
Possibot.C
This malware was reported by: Computer Associates
Wreckage.A
This malware was reported by: Computer Associates
Description Win32.Wreckage.A is a worm which spreads via e-mail and Peer to Peer file sharing networks.
Alcan.F
This malware was reported by: Computer Associates
Description Win32.Alcan.F is a worm that spreads via peer-to-peer file sharing networks. It has been distributed as a 380,928-byte, Win32 executable.
Downloader-ABZ
This malware was reported by: Network Associates Inc
QDial-34
This malware was reported by: Network Associates Inc
SYMBOS_FONTAL.E
This malware was reported by: Trendmicro
This Symbian malware affects mobile devices running on Symbian operating system with the Series 60 Platform user interface. Some of the affected phone models are the following:
Adware-BB.dr
This malware was reported by: Network Associates Inc
W32/Guap.worm
This malware was reported by: Network Associates Inc
This is a worm that "spreads" via a hyperlink that is received via AOL Instant Messenger. Recipients may receive a message such as:
found your picture! is this you?
hey, you have to try this out...
Following the hyperlink results
SYMBOS_FONTAL.D
This malware was reported by: Trendmicro
This Symbian malware affects mobile devices running on Symbian operating system with the Series 60 Platform user interface. Some of the affected phone models are the following:
WORM_ANIXMA.A
This malware was reported by: Trendmicro
W32.Mytob.JW@mm
This malware was reported by: Symantec
W32.Mytob.JW@mm is a mass-mailing worm that opens a back door and lowers security settings on the compromised computer.
Trojan.Spbot.C
This malware was reported by: Symantec
Trojan.Spbot.C is a Trojan horse that allows a compromised computer to be used as a covert proxy.
W32.Rontokbro.B@mm
This malware was reported by: Symantec
W32.Rontokbro.B@mm is a mass-mailing worm that causes system instability.
SymbOS.Fontal.B
This malware was reported by: Symantec
SymbOS.Fontal.B is a Trojan horse that drops corrupt files on to the compromised device. The Trojan runs on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones.
SymbOS.Cardblock.A
This malware was reported by: Symantec
SymbOS.Cardblock.A is a Trojan horse that affects Symbian series 60 phones.
Generic Downloader.gen.be
This malware was reported by: Network Associates Inc
Cardtrap.C
This malware was reported by: F-Secure
Cardtrap.C is a minor variation of Cardtrap.A, the main differences are
that Cardtrap.C does not contain Windows worms. Instead the Cardtap.C
contains non-working Windows component of Lasco.A,
The Windows component of Lasco.A is copied on phone memo
Skulls.R
This malware was reported by: F-Secure
Skulls.R is a combination of several previous Skulls variants.
Skulls.R contains component files from Skulls.A and Skulls.B.
Skulls.R also drops SymbOS/Mabir.A in to the device.
Your computer is protected
This malware was reported by: F-Secure
Default Page
This malware was reported by: F-Secure
Bifrose
This malware was reported by: F-Secure
Bifrose is a stealthy backdoor that allows remote access to infected machine.
It is usually installed to system by a trojan dropper.
Banker.AXW
This malware was reported by: Panda Software
Banker.AXW is a Trojan that monitors the windows whose title bar contains certain text strings, mostly related to banking entities. Then, it logs the keystrokes entered in those windows, so that it can capture passwords and other sensitive data.This Troj
Backdoor.Haxdoor.F
This malware was reported by: Symantec
Backdoor.Haxdoor.F is a Trojan horse program that opens a covert proxy on the compromised computer.
Format.A
This malware was reported by: Panda Software
Format.A is a Trojan that pretends to be a tool developed to run unsigned code in the console PSP (PlayStation Portable). However, when it is run, it deletes key files for the correct functioning of the console, which as a result, will not be able to sta
WORM_COMBRA.E
This malware was reported by: Trendmicro
This memory-resident worm propagates by sending an email message with a spoofed email address for its From field. This technique may lead a user into thinking that the email has been sent by a peer and is therefore non-malicious.
Backdoor.Tjserv.D
This malware was reported by: Symantec
Backdoor.Tjserv.D is a back door Trojan horse that acts as a HTTP, SOCKSv4, and SOCKSv5 proxy.
WORM_MYTOB.KV
This malware was reported by: Trendmicro
Like other MYTOB variants, this memory-resident worm propagates by attaching a copy of itself to an email message, which it sends to target recipients using its own Simple Mail Transfer Protocol (SMTP) engine. Using its own SMTP engine makes it easi
SymbOS.Fontal.C
This malware was reported by: Symantec
SymbOS.Fontal.C is a Trojan horse that affects Symbian series 60 phones and causes the compromised device to continuously restart.
W32.Spybot.YCL
This malware was reported by: Symantec
W32.Spybot.YCL is a worm that has distributed denial of service and back door capabilities. The worm spreads by exploiting vulnerabilities and backdoors left by other malware.
Exploit-MSJet
This malware was reported by: Network Associates Inc
W32.Besam
This malware was reported by: Symantec
W32.Besam is a worm that spreads to floppy disks. It also overwrites the autoexec.bat file.
BackDoor-CUX
This malware was reported by: Network Associates Inc
AdClicker-DI
This malware was reported by: Network Associates Inc
PWS-RemotePassSteal
This malware was reported by: Network Associates Inc
W32.Comdor.K@mm
This malware was reported by: Symantec
W32.Comdor.K@mm is a worm that sends a HTML formatted email with links that will download a copy of itself.
It also downloads a variant of PWSteal.Bancos to the compromised computer.
WORM_DREFIR.D
This malware was reported by: Trendmicro
Like earlier DREFIR variants, this memory-resident worm has the capability to spread via email and Internet Relay Chat (IRC).
WORM_MYTOB.KX
This malware was reported by: Trendmicro
WORM_SOBER.AC
This malware was reported by: Trendmicro
As of October 6, 2005, 5:52 am TrendLabs has declared a Medium risk alert in order to control this new SOBER variant that is currently spreading in USA, Japan, and Germany.
W32/Sober.r@MM
This malware was reported by: Network Associates Inc
-- Update 19:45 PDT --
The risk assessment of this threat has been raised to Medium do to prevalence.
If you think that you may be infected with Sober.r, and are unsure how to check your system, you may
download the Stinger tool
W32.Sober.Q
This malware was reported by: Symantec
Sober.P
This malware was reported by: Computer Associates
Description Win32.Sober.P is a worm that spreads via e-mail. The e-mail messages can be either in English or German. It has been distributed as a 113,551-byte, UPX-p
Sober.Y
This malware was reported by: Panda Software
Sober.Y is a worm that spreads via email, in a message written in English or German.The email message will be written in German only if the mail domain extension is one of the following: de (Germany), ch (Switzerland), at (Austria) or li (Liechtenstein).
W32.Sober.Q@mm
This malware was reported by: Symantec
Sober.S
This malware was reported by: F-Secure
Sober.S worm started spreading on October 6th, 2005. This Sober
variant sends itself as an attachment in e-mail messages with
English or German texts. The worm has bugs and quite often sends
broken attachments.
In addition, at about noon on October 6
VB.iv
This malware was reported by: F-Secure
We started to get reports about a new dropper for Sober.S worm at
noon on October 6th, 2005. This dropper drops exactly the same
Sober.S variant that started to spread early in the morning. When
the dropper is run, it shows a messagebox as a decoy:
W32.Sober.R@mm
This malware was reported by: Symantec
Sober.S.dr
This malware was reported by: F-Secure
We started to get reports about a new dropper for Sober.S worm at
noon on October 6th, 2005. This dropper drops exactly the same
Sober.S variant that started to spread early in the morning. When
the dropper is run, it shows a messagebox as a decoy:
W32/Sober.r.dr
This malware was reported by: Network Associates Inc
W32/Bagle.df@MM
This malware was reported by: Network Associates Inc
This mass-mailing worm arrives as an email attachment in a message with the following characteristics:From:
(spoofed / forged)
Subject:
The subject line is one of the following:
Re: Msg reply
Re: Hello
Re:
Re:
Re: Yahoo!
WORM_BAGLE.BT
This malware was reported by: Trendmicro
Similar to previous BAGLE variants, this worm propagates via email and via peer-to-peer networks.
Trojan.PSPBrick
This malware was reported by: Symantec
Trojan.PSPBrick is a Trojan horse that deletes critical system files on a Playstation Portable device, preventing the device from restarting correctly.
W32.Mytob.KC@mm
This malware was reported by: Symantec
W32.Mytob.KC@mm is a mass-mailing worm that opens a back door and lowers security settings on the compromised computer.
Downloader-AFV
This malware was reported by: Network Associates Inc
Trojan.Satiloler
This malware was reported by: Symantec
Trojan.Satiloler is a Trojan horse that attempts to steal user names, passwords, and other computer information. It also attempts to open a proxy server on a random TCP port.
Spyware-Softprob
This malware was reported by: Network Associates Inc