Bagle.EY
This malware was reported by: F-Secure
Dasher.B
This malware was reported by: F-Secure
Bagle.EX
This malware was reported by: F-Secure
Dasher.A
This malware was reported by: F-Secure
Doomboot.L
This malware was reported by: F-Secure
Dampig.C
This malware was reported by: F-Secure
Avgold.D
This malware was reported by: F-Secure
Mabtal.B
This malware was reported by: F-Secure
Avgold
This malware was reported by: F-Secure
Adware-HotBar.dr
This malware was reported by: Network Associates Inc
Troj/Zapchas-AF
This malware was reported by: Sophos
Troj/Zapchas-AF is a backdoor Trojan for the Windows platform.
Troj/Zapchas-AF runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.
W32/Dasher.worm
This malware was reported by: Network Associates Inc
W32/Dasher.worm
is a self-extractor RAR archive that will try to exploit Microsoft Windows Vulnerabilities in MSDTC and COM+ (MS05-051
) after deploying itself on a vulnerable host.
Files Added
%WINDIR% empsqlscan.bat (306 Bytes
W32.Dasher.C
This malware was reported by: Symantec
W32.Dasher.C is a worm that lowers security settings on the compromised computer. It spreads by exploiting the Microsoft Windows MSDTC Memory Corruption Vulnerability (as described in the Microsoft Security Bulletin MS05-051) on TCP port 1025.
Troj/PcClien-IJ
This malware was reported by: Sophos
Troj/PcClien-IJ is a Trojan for the Windows platform.
Troj/PcClien-IJ can log keystrokes and includes functionality to access the internet and communicate with a remote server via HTTP.
Troj/PcClien-IJ may use stealthing techniques, such as
W32.Beagle.CY@mm
This malware was reported by: Symantec
W32.Beagle.CY@mm is a mass-mailing worm that uses its own SMTP engine to send out copies of another threat, Trojan.Lodear.F. The worm also opens a back door on the compromised computer using TCP port 80 and lowers security settings.
SymbOS.Cardtrp.O
This malware was reported by: Symantec
SymbOS.Cardtrp.N
This malware was reported by: Symantec
SymbOS.Cardtrp.N is a minor variant of SymbOS.Cardtrp.M. It is a Trojan horse that runs on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones. It disables some applications installed on the device and drops thre
SymbOS.Cardtrp.M
This malware was reported by: Symantec
SymbOS.Cardtrp.P
This malware was reported by: Symantec
SymbOS.Skulls.R
This malware was reported by: Symantec
SymbOS.Skulls.R is a Trojan horse that runs on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones. The Trojan overwrites several applications and installs other threats on the compromised device.
Troj/Dloadr-ACM
This malware was reported by: Sophos
Troj/Dloadr-ACA is a downloader Trojan for the Windows platform.
W32/Rbot-AOH
This malware was reported by: Sophos
W32/Rbot-AOH is a worm and IRC backdoor Trojan for the Windows platform.
W32/Rbot-AOH spreads:
- to other network computers by exploiting common buffer overflow vulnerabilites, including: RPC-DCOM (MS04-012), PNP (MS05-039) and ASN.1 (MS04
W32/Dasher-C
This malware was reported by: Sophos
W32/Dasher-C is a worm for the Windows platform.
W32/Dasher-C spreads by exploiting various vulnerability includes the following:
WINS vulnerability (MS04-045)
WINDOWS PNP vulnerability (MS05-039)
MSDTC vulnerability (MS05-051)
MSSQL Authen
Troj/VBbot-I
This malware was reported by: Sophos
Troj/VBbot-I is a backdoor Trojan for the Windows platform that allows access to the infected computer via an IRC channel.
Troj/Bckdr-E
This malware was reported by: Sophos
Troj/Bckdr-E is a Trojan for the Windows platform.
Troj/Bancban-LZ
This malware was reported by: Sophos
Troj/Bancban-LZ is a Trojan for the Windows platform.
Troj/Bancban-LZ includes functionality to send notification messages to remote locations.
Trojan.Mdropper.D
This malware was reported by: Symantec
Trojan.Mdropper.D is a Trojan horse that exploits the Microsoft Word Macro Name Handler Buffer Overflow Vulnerability (as described in Microsoft Security Bulletin MS03-050) and drops a file on the compromised computer.
Downloader-ARG
This malware was reported by: Network Associates Inc
W32/Mytob.bj@MM!zip
This malware was reported by: Network Associates Inc
This detection covers ZIP files sent out by W32/Mytob.bj@MM. For details on that threat, see:
http://vil.nai.com/vil/content/v_134038.htm
Top of Page
W32/Mytob.bo@MM!zip
This malware was reported by: Network Associates Inc
This detection covers ZIP files sent out by W32/Mytob.bo@MM . For details on that threat, see:
http://vil.nai.com/vil/content/v_134084.htm
Top of Page
W32/Mytob.bn@MM!zip
This malware was reported by: Network Associates Inc
This detection is for a mass-mailing worm that combines W32/Mydoom@MM functionality with W32/Sdbot.worm functionality.
The virus arrives in an email message as follows:
From: (Spoofed email sender)
Do not assume that the sender addre
Downloader-AAO
This malware was reported by: Network Associates Inc
Downloader-AFO
This malware was reported by: Network Associates Inc
Downloader-ABW
This malware was reported by: Network Associates Inc
Dasher.B
This malware was reported by: Computer Associates
Robknot Family
This malware was reported by: Computer Associates
Description Win32.Robknot is a family of worms that spread via e-mail and modify system settings.
W32/Rbot-BCQ
This malware was reported by: Sophos
W32/Rbot-BCQ is a worm and IRC backdoor Trojan for the Windows platform.
W32/Rbot-BCQ spreads:
- to other network computers infected with: Troj/Kuang, Troj/Sub7, Troj/NetDevil, W32/MyDoom, W32/Bagle and Troj/Optix
- to other network compu
Troj/BagleDl-AN
This malware was reported by: Sophos
Troj/BagleDl-AN is a Trojan for the Windows platform.
When first run, Troj/BagleDl-AN opens a graphics file named ntimage.gif with the default image viewer.
The latest Bagle Trojan horse open a graphics file when first run.
Troj/B
WORM_COMBRA.O
This malware was reported by: Trendmicro
WORM_QQPASS.A
This malware was reported by: Trendmicro
Upon execution, this worm drops copies of itself on affected machines. It creates registry entries to ensure its automatic execution at every system startup.
Zlob.cy
This malware was reported by: F-Secure
Dasher.C
This malware was reported by: Computer Associates
Description Win32/Dasher.C is a worm that spreads by exploiting a number of Windows vulnerabilities. It has been distributed as a 35,484-byte, UPack-compressed, Win
Adware-StarAE.dr
This malware was reported by: Network Associates Inc
WORM_DASHER.C
This malware was reported by: Trendmicro
Upon execution, this worm drops and executes a file in the %System%wins folder. The worm also drops several files in the same folder, which Trend Micro detects as the following:
Adware-SrchExplorer
This malware was reported by: Network Associates Inc
Spam-Skull.dr
This malware was reported by: Network Associates Inc
Spam-Skull.dll
This malware was reported by: Network Associates Inc
Troj/BagleDl-AR
This malware was reported by: Sophos
Troj/BagleDl-AR is a Trojan for the Windows platform.
Troj/BagleDl-AR includes functionality to access the internet and communicate with a remote server via HTTP.
Troj/BagleDl-AO
This malware was reported by: Sophos
Troj/BagleDl-AO is a Trojan for the Windows platform.
When first run, Troj/BagleDl-AO opens a graphics file named ntimage.gif with the default image viewer.
The latest Bagle Trojan horse open a graphics file when first run.
Troj/B
TROJ_GETO.A
This malware was reported by: Trendmicro
This Trojan can arrive as a file downloaded from the Internet by an unsuspecting user when visiting a malicious Web site. It can also arrive as an attachment to a spammed email message.
TROJ_SAMX.A
This malware was reported by: Trendmicro
AdClicker-DX
This malware was reported by: Network Associates Inc
AdClicker-DY
This malware was reported by: Network Associates Inc
PWSteal.Tarno.Q
This malware was reported by: Symantec
PWSteal.Tarno.Q is a password-stealing Trojan horse that attempts to log information entered into Web forms.
Note: Virus definitions dated prior to December 20, 2005 may detect this as PWSteal.Tarno.
Troj/Agent-GG
This malware was reported by: Sophos
Troj/Agent-GG is a Trojan for the Windows platform.
Troj/Agent-GG includes functionality to access the internet and communicate with a remote server via HTTP.
W32/Bagle-AX
This malware was reported by: Sophos
W32/Bagle-AX is a mass-mailing worm for the Windows platform.
W32/Bagle-AX sends a ZIP file as an email attachment. The ZIP file contains an executable detected as Troj/BagleDl-AO.
Once installed, this executable attempts to download furthe
W32/Feebs-A
This malware was reported by: Sophos
W32/Feebs-A is a worm for the Windows platform.
The worm may arrive as an attachment to an email claiming to be sent via "Protected E-Mail service" with bogus credentials. The message may lure the recipient into entering the supplied credent
Troj/Nuclear-O
This malware was reported by: Sophos
Troj/Nuclear-O is a backdoor Trojan for the Windows platform.
W32.Dasher.D
This malware was reported by: Symantec
W32.Dasher.D is a worm that disables services on the compromised computer. It spreads by exploiting various remote vulnerabilities.
Beovens Family
This malware was reported by: Computer Associates
Description Win32.Beovens are a family of downloading trojans. Beovens may be installed by several methods, such as via exploiting a vulnerability in Internet Explor
Adware-ZangoSA.dldr
This malware was reported by: Network Associates Inc
Troj/Banload-BS
This malware was reported by: Sophos
Troj/Banload-BS is a Trojan downloader for the Windows platform.
Troj/Banload-BS includes functionality to access the internet and communicate
with a remote server via HTTP.
Troj/Zapchas-AF
This malware was reported by: Sophos
Troj/Zapchas-AF is a backdoor Trojan for the Windows platform.
Troj/Zapchas-AF runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels.
Commwarrior.A
This malware was reported by: F-Secure
W32/Traxg-G
This malware was reported by: Sophos
W32/Traxg-G is a worm for the Windows platform.
W32/Traxg-G includes functionality to spread through emails, network shares or by coping itself to the drives A and D.
W32/Traxg-G may display the following fake warning message:
Warning
This
Troj/PcClien-IJ
This malware was reported by: Sophos
Troj/PcClien-IJ is a Trojan for the Windows platform.
Troj/PcClien-IJ can log keystrokes and includes functionality to access the internet and communicate with a remote server via HTTP.
Troj/PcClien-IJ may use stealthing techniques, such as
WORM_FEEBS.A
This malware was reported by: Trendmicro
This worm spreads through peer-to-peer (P2P) file-sharing applications. It uses different file names, which are related to various applications, to entice P2P users to download copies of itself.
TROJ_BAGLE.GI
This malware was reported by: Trendmicro
This memory-resident Trojan arrives on a system as an attachment to mass-mailed email messages.
Adware-Zquest
This malware was reported by: Network Associates Inc
Troj/BagleDl-AP
This malware was reported by: Sophos
Troj/BagleDl-AP is a downloader Trojan for the Windows platform.
Troj/Dloadr-ACM
This malware was reported by: Sophos
Troj/Dloadr-ACA is a downloader Trojan for the Windows platform.
Adware-CasClient
This malware was reported by: Network Associates Inc
Keylog-ABC
This malware was reported by: Network Associates Inc
Onehop.D
This malware was reported by: F-Secure
Bagle.FD
This malware was reported by: F-Secure
Bagle.FC
This malware was reported by: F-Secure
Bagle.FB
This malware was reported by: F-Secure
Tool-ByShell
This malware was reported by: Network Associates Inc
Onehop.B
This malware was reported by: F-Secure
Onehop.E
This malware was reported by: F-Secure
Dasher.B
This malware was reported by: Panda Software
Dasher.B is a worm that installs a self-extracting RAR file on the affected computer. This file contains and installs other files, some of them belonging to malware, such as Exploit/MS05-051.A and Hacktool/TCPPortScan.B.Dasher.B attempts to exploit the v
Dasher.A
This malware was reported by: Panda Software
Dasher.A is a worm that installs a self-extracting RAR file on the affected computer. This file contains and installs other files, some of them belonging to malware, such as Exploit/MS05-051.A and Hacktool/TCPPortScan.A.Dasher.A attempts to exploit the v
W32.Beagle.CZ@mm
This malware was reported by: Symantec
W32.Beagle.CZ@mm is a mass-mailing worm that uses its own SMTP engine to send out copies of another threat, Trojan.Lodear.G. The worm also opens a back door on the compromised computer using TCP port 80 and lowers security settings.
Trojan.Lodear.G
This malware was reported by: Symantec
Trojan.Lodear.G is a Trojan horse that attempts to download remote files.
The Trojan may arrive as an email attachment with one of the following names, containing a file named s3700026.exe:
Thomas.zip
Henry.zip
William.zip
Nicholaus.zip
Edward.zip
Ka
Troj/Feutel-BC
This malware was reported by: Sophos
Troj/Feutel-BC is a backdoor Trojan for the Windows platform that provides unauthorized remote access to the infected computer.
W32/Dasher-C
This malware was reported by: Sophos
W32/Dasher-C is a worm for the Windows platform.
W32/Dasher-C spreads by exploiting various vulnerability includes the following:
WINS vulnerability (MS04-045)
WINDOWS PNP vulnerability (MS05-039)
MSDTC vulnerability (MS05-051)
MSSQL Authen
Trojan.Lodeight.A
This malware was reported by: Symantec
Trojan.Lodeight.A is a Trojan horse that attempts to download a Beagle variant.
Mitglieder.GO
This malware was reported by: Panda Software
Mitglieder.GO is a Trojan that connects every four hours to a random URL selected from a list of websites that are included in its code, in order to download and run a file, which can be of any nature, including malware.Mitglieder.GO has been massively s
W32/Dasher.worm.gen
This malware was reported by: Network Associates Inc
For details on this threat see:
http://vil.nai.com/vil/content/v_137567.htm
Top of Page
Adware-DropSpam
This malware was reported by: Network Associates Inc
Troj/Banload-CL
This malware was reported by: Sophos
Troj/Banload-CL is a Trojan for the Windows platform.
Troj/Banload-CL attempts to download and execute further software. It is typically used to download internet banking Trojans.
W32/Rbot-BCQ
This malware was reported by: Sophos
W32/Rbot-BCQ is a worm and IRC backdoor Trojan for the Windows platform.
W32/Rbot-BCQ spreads:
- to other network computers infected with: Troj/Kuang, Troj/Sub7, Troj/NetDevil, W32/MyDoom, W32/Bagle and Troj/Optix
- to other network compu
Troj/Agent-GG
This malware was reported by: Sophos
Troj/Agent-GG is a Trojan for the Windows platform.
Troj/Agent-GG includes functionality to access the internet and communicate with a remote server via HTTP.
Troj/BagleDl-V
This malware was reported by: Sophos
Troj/BagleDl-V is a Trojan for the Windows platform.
W32/Feebs-A
This malware was reported by: Sophos
W32/Feebs-A is a worm for the Windows platform.
The worm may arrive as an attachment to an email claiming to be sent via "Protected E-Mail service" with bogus credentials. The message may lure the recipient into entering the supplied credent
Glieder.CM
This malware was reported by: Computer Associates
Description Win32/Glieder.CM is a trojan that downloads and executes arbitrary files from a long, hardcoded list of particular URLs. It has been mass-mailed as a 9,6
Bloodhound.Exploit.55
This malware was reported by: Symantec
W32/Bloat-A
This malware was reported by: Sophos
W32/Bloat-A is a prepending virus for the Windows platform.
Troj/Banload-BS
This malware was reported by: Sophos
Troj/Banload-BS is a Trojan downloader for the Windows platform.
Troj/Banload-BS includes functionality to access the internet and communicate
with a remote server via HTTP.
W32/Traxg-G
This malware was reported by: Sophos
W32/Traxg-G is a worm for the Windows platform.
W32/Traxg-G includes functionality to spread through emails, network shares or by coping itself to the drives A and D.
W32/Traxg-G may display the following fake warning message:
Warning
This