Lovgate.AO
This malware was reported by: Panda Software
 Lovgate.AO is a virus with worm characteristics that only affects Windows 2003/XP/2000/NT computers.In addition, Lovgate.AO infects files with an EXE extension, by adding its code at the beginning and at the end of these files.Lovgate.AO installs a backd

Troj/Legmir-K
This malware was reported by: Sophos
Troj/LegMir-K is a password-stealing Trojan. In order to run automatically when Windows starts up the Trojan copies itself to the file intrenat.exe in the Windows folder and adds the following registry entries: HKLMSoftwareMicrosoftWindowsCurre

Xwxload
This malware was reported by: Network Associates Inc


Troj/Padodo-Fam
This malware was reported by: Sophos


BackDoor-BDJ
This malware was reported by: Network Associates Inc


WORM_LOVGATE.AH
This malware was reported by: Trendmicro
This malware is both worm and backdoor program. To propagate, it drops a list of its copies and components to Windows folder, Windows system folder, and root folder of a certain drive.

WORM_BAGLE.AE
This malware was reported by: Trendmicro
This BAGLE variant propagates via email and network shares.

BackDoor-CFB
This malware was reported by: Network Associates Inc


VBS.Gaggle.E@mm
This malware was reported by: Symantec
VBS.Gaggle.E is a variant of VBS.Gaggle.D. It is a mass-mailing worm that overwrites several files. This worm can infect the following file types: .vbs .vbe .js .jse .hta .htm .html .php .shtm .shtml .phtm .phtml .mht .mhtml .plg .htx The worm ret

Backdoor.Berbew.H
This malware was reported by: Symantec
Backdoor.Berbew.H is a minor variant of Backdoor.Berbew.G. It attempts to steal cached passwords and may display fake windows to gather confidential information.

Troj/HacDef-F
This malware was reported by: Sophos


W32/Rbot-DE
This malware was reported by: Sophos
W32/Rbot-DE is a worm which attempts to spread to remote network shares. It also contains backdoor Trojan functionality, allowing unauthorised remote access to the infected computer via IRC channels while running in the background as a service process

W32.Korgo.X
This malware was reported by: Symantec
W32.Korgo.X is a worm that attempts to propagate by exploiting the Microsoft Windows LSASS Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS04-011) on TCP port 445. This variant also attempts to download and execute a file fro

W32/Lovgate.ag@MM
This malware was reported by: Network Associates Inc
 T his new variant of W32/Lovgate is packed multiple times. Its characteristics are similar to its predecessors, mainly: attempts to copy itself to accessible or poorly secured remote shares, scanning contiguous IP ranges, seeking accessi

W32/Agobot-WD
This malware was reported by: Sophos
W32/Agobot-WD is an IRC backdoor and network worm. W32/Agobot-WD is capable of spreading to computers on the local network that have weak passwords. When first run, W32/Agobot-WD copies itself to the Windows system folder as winxtc.exe and creat

WORM_KORGO.X
This malware was reported by: Trendmicro
To propagate, this worm exploits the Windows LSASS vulnerability, which is a buffer overrun that allows remote code execution and enables an attacker to gain full control of the affected system.

Lovgate.AK
This malware was reported by: Computer Associates
Lovgate.AK is a worm that spreads via e-mail, network shares, exploitation of a Windows RPCSS vulnerability (MS03-039) and the Kazaa file sharing network. I

Reign.Q
This malware was reported by: Computer Associates
Win32.Reign.Q is trojan that opens SOCKS and HTTP proxies on an affected machine. It also contains limited backdoor functionality.

Sced
This malware was reported by: Computer Associates
Win32.Sced are a family of configurable trojans that interfere with Internet Explorer. They have been distributed as 36,864-byte, UPX-packed, Win32 executab

Korgo.Z
This malware was reported by: Panda Software
 Korgo.Z is a worm that spreads via the Internet by exploiting the LSASS vulnerability in remote computers. This vulnerability is critical for Windows XP/2000 operating systems that are not properly updated.Korgo.Z connects to several web sites, to which

Puce.A
This malware was reported by: Computer Associates
Win32.Puce.A is a virus written in Borland C++ that infects files with .EXE extension.

Troj/Keylog-Q
This malware was reported by: Sophos


W32/Lovgate.ah@MM
This malware was reported by: Network Associates Inc
This new variant of W32/Lovgate is packed multiple times. The main characteristics are: attempts to copy itself to accessible or poorly secured remote shares, scanning contiguous IP ranges, seeking accessible IPC$ or ADMIN$ shares. creat

Atak.A
This malware was reported by: Panda Software
 Atak.A is a worm without damaging effects that spreads via e-mail in a message with variable characteristics.Atak.A checks if there is an active debugger in the affected computer, and if so, it stops this program.

W32.Lemoor.A
This malware was reported by: Symantec
W32.Lemoor.A is a worm that spreads by exploiting a vulnerability in the FTP server component of the W32.Sasser family of worms. The worm is written in Assembler and packed with FSG.

W32.Hardoc@mm
This malware was reported by: Symantec
W32.Hardoc@mm is a mass-mailing worm that sends itself to email addresses found in .html files and the Windows address book on the infected computer. This worm uses the Incorrect MIME Header vulnerability (described in Microsoft Security Bulletin MS01-02

W32.Beagle.AA@mm
This malware was reported by: Symantec
W32.Beagle.AA@mm is a mass-mailing worm that uses its own SMTP engine to spread through email and opens a backdoor on TCP port 1234. The email will have a variable subject and a file attachment. The attachment will have a .com, .cpl, .exe, .hta, .scr, .v

Korgo.V
This malware was reported by: Computer Associates
Win32.Korgo.V is a worm that spreads by exploiting the Microsoft Windows LSASS buffer overflow vulnerability. It also opens a backdoor that allows unauthori

Winshow
This malware was reported by: Computer Associates


WinFavorites.A
This malware was reported by: Computer Associates


WORM_LOVGATE.AG
This malware was reported by: Trendmicro


SillyDl
This malware was reported by: Computer Associates


W32/Rbot-DJ
This malware was reported by: Sophos
W32/Rbot-DJ is a member of the W32/Rbot family of worms with backdoor capabilities. In order to run automatically when Windows starts up the worm copies itself to the file updata.exe in the Windows system folder and adds the following registry entr

W32/Rbot-DL
This malware was reported by: Sophos
W32/Rbot-DL is a network worm and backdoor Trojan for the Windows platform. W32/Rbot-DL allows a malicious user remote access to an infected computer. The worm copies itself to a file named winsyst.exe in the Windows system folder and creates the

PE_LOVGATE.AH
This malware was reported by: Trendmicro
This memory-resident file infector spreads through email and network shares. It drops several components and copies of itself in the Windows, Windows system, and root folders.

W32/Lovgate.ai@MM
This malware was reported by: Network Associates Inc
Top of Page

W32.Lovgate.AD@mm
This malware was reported by: Symantec
W32.Lovgate.AD@mm is a mass-mailing worm that spreads using the Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS03-026), and through open network shares. The email has a variable subject and

Xebiz.A
This malware was reported by: Panda Software
 Xebiz.A is a Trojan that connects to an specific website in order to download another Trojan, Zerolin.A, to the affected computer.Xebiz.A has been massively sent via e-mail (spam).

W32/Rbot-DP
This malware was reported by: Sophos
W32/Rbot-DP is an IRC backdoor Trojan with spreading capability. W32/Rbot-DP copies itself into the Windows system folder and sets the following registry entries to run itself automatically when Windows starts up HKCUSoftwareMicrosoftWindowsCurrent

BackDoor-CGT
This malware was reported by: Network Associates Inc


W32/Lovgate.aj@MM
This malware was reported by: Network Associates Inc


W32.Lovgate.AC@mm
This malware was reported by: Symantec


W32/Rbot-DR
This malware was reported by: Sophos


W32/Korgo-U
This malware was reported by: Sophos


MS04-023_HTML_HELP
This malware was reported by: Trendmicro


MS04-022_TASK_SCHEDULER
This malware was reported by: Trendmicro


W32/Atak@MM
This malware was reported by: Network Associates Inc


MS Vulnerability MS04-024
This malware was reported by: Network Associates Inc


MS Vulnerability MS04-023
This malware was reported by: Network Associates Inc


MS Vulnerability MS04-022
This malware was reported by: Network Associates Inc


MS Vulnerability MS04-021
This malware was reported by: Network Associates Inc


MS Vulnerability MS04-020
This malware was reported by: Network Associates Inc


MS Vulnerability MS04-019
This malware was reported by: Network Associates Inc


MS Vulnerability MS04-018
This malware was reported by: Network Associates Inc


TrojanSpy.Win32.Briss.g
This malware was reported by: F-Secure


Webber.W
This malware was reported by: Computer Associates


Korgo.T
This malware was reported by: Computer Associates


Korgo.AA
This malware was reported by: Computer Associates


Korgo.AB
This malware was reported by: Computer Associates


Lovgate.AR
This malware was reported by: Computer Associates


Lovgate.AQ
This malware was reported by: Computer Associates


Lovgate.AG
This malware was reported by: Computer Associates


Lovgate.AM
This malware was reported by: Computer Associates


W32/Agobot-KS
This malware was reported by: Sophos


W32/Agobot-KT
This malware was reported by: Sophos


W32.Atak@mm
This malware was reported by: Symantec


WORM_ATAK.A
This malware was reported by: Trendmicro


WORM_OLATSKY.A
This malware was reported by: Trendmicro


Trojan.Cargao
This malware was reported by: Symantec


Trojan.Foron
This malware was reported by: Symantec


Backdoor.Xebiz
This malware was reported by: Symantec


IMIServer.download
This malware was reported by: Network Associates Inc


Bagle.AA
This malware was reported by: Computer Associates
Win32.Bagle.AA is a worm that spreads via e-mail and peer-to-peer file sharing. The worm itself is an FSG-packed executable, approximately 15,000 bytes in l

Atak
This malware was reported by: Computer Associates
Win32.Atak.A is an intended worm, which attempts to spread via e-mail using its own SMTP engine. Due to a bug in the code, however, it will probably not pro

Hardoc.A
This malware was reported by: Computer Associates
Hardoc.A is a worm spreading via the e-mail system. It has been distributed as 5,120-byte, UPX-packed, Win32 executable. The worm uses its own SMTP engine.

BackDoor-CGV
This malware was reported by: Network Associates Inc


W32/Rbot-DS
This malware was reported by: Sophos
W32/Rbot-DS is a worm which attempts to spread to remote network shares. It also contains backdoor Trojan functionality, allowing unauthorised remote access to the infected computer via IRC channels while running in the background as a service process

W32/Agobot-KN
This malware was reported by: Sophos


W32/Bagle-AF
This malware was reported by: Sophos
W32/Bagle-AF is a member of the W32/Bagle family of email worms. W32/Bagle-AF spreads by email. The email addresses are collected from files on the computer containing the following file extensions: WAB, TXT, MSG, HTM, SHTM, STM, XML, DBX, MBX,

W32/Rbot-DT
This malware was reported by: Sophos
W32/Rbot-DT is a worm which attempts to spread to remote network shares. The worm also contains backdoor functionality, allowing unauthorised remote access to the infected computer via IRC channels while running in the background as a service process.

WORM_BAGLE.AF
This malware was reported by: Trendmicro
As of 4:15 PM July 15, 2004 (GMT -07:00; Daylight Savings Time), TrendLabs has declared a Medium Risk alert to control the spread of this new BAGLE variant that is spreading via email and network shares. Infection reports have been received from the U.S.

W32.Beagle.AB@mm
This malware was reported by: Symantec


Backdoor.Doster
This malware was reported by: Symantec
Backdoor.Doster is a Backdoor Trojan horse that attempts to give an attacker access to your computer. It also modifies the Hosts file.

Atak.B
This malware was reported by: Panda Software
 Atak.B is a worm that spreads via e-mail in a message with variable characteristics, and through peer-to-peer (P2P) file sharing programs.Atak.B checks if certain processes are active in memory, and if so, it ends them. Such processes belong both to othe

W32/Bagle.af@MM
This malware was reported by: Network Associates Inc


AdClicker-AU
This malware was reported by: Network Associates Inc


Bagle.AF
This malware was reported by: F-Secure


Bagle.AB
This malware was reported by: Computer Associates
Win32.Bagle.AB is a worm that spreads via e-mail and peer-to-peer file sharing. Note: Components of Win32.Bagle.AB are detected proactively by eTrust Antivi

W32/Atak-B
This malware was reported by: Sophos
W32/Atak-B is a mass mailing worm. When executed it copies itself to the Windows system folder as svrhost.exe and sets the following registry entries so as to auto-start on user logon or computer startup: HKLMSoftwareMicrosoftWindowsCurrentVersion

Bagle.AF
This malware was reported by: Panda Software


WCE/Duts-A
This malware was reported by: Sophos
WCE/Duts-A is a proof-of-concept parasitic virus which infects EXE files for the Pocket PC environment. To spread between Pocket PCs infected EXEs would need to be exchanged manually. However, WCE/Duts-A is not in the wild and is not a threat.

W32/Agobot-KW
This malware was reported by: Sophos
W32/Agobot-KW is a network worm which spreads by copying itself to computers protected by weak passwords and via IRC channels. The worm also allows unauthorised remote access to the computer via a network. W32/Agobot-KW copies itself to the Windows

W32/Rbot-DY
This malware was reported by: Sophos
W32/Rbot-DY is an IRC backdoor worm. W32/Rbot-DY allows unauthorised remote access to the infected computer via an IRC channel. The worm may spread to network shares with weak passwords in response to a backdoor command. W32/Rbot-DY copies itsel

WORM_BAGLE.AG
This malware was reported by: Trendmicro
TrendLabs HQ has received several infection reports from Australia, New Zealand, and the US of this BAGLE worm spreading via email and network shares.

WINCE_DUTS.A
This malware was reported by: Trendmicro
This virus is designed to run in the Windows CE environment. The Windows CE operating system is used in Pocket PC devices.

WORM_ATAK.B
This malware was reported by: Trendmicro
This mass mailer worm uses its own Simple Mail Transfer Protocol (SMTP) engine to propagate across networks using email addresses gathered from the temporary folders in the current user’s profile.

W32.Beagle.AC@mm
This malware was reported by: Symantec


Duts.1530
This malware was reported by: Panda Software
 Duts.1530 is a virus that only infects executable files with an EXE extension in those platforms with a Windows CE (Pocket PC versions 2000, 2002 and 2003) operating system installed.In order to do so, Duts.1530 creates a copy of its code in the last sec

W32/Bagle.ag@MM
This malware was reported by: Network Associates Inc


WinCE/Duts.1536
This malware was reported by: Network Associates Inc
This detection is for a proof of concept file virus written for the PocketPC platform. The virus bears the following characteristics: it is coded for devices based on ARM CPUs. it is a parsitic file infector, appending itself to host file


Anti virus links

Anti-virus programs
Virus history
Top-100 malware
Svenska
Antivirus programs


Sitemap


Anti virus and malware

  Anti virus