Onehop.C
This malware was reported by: F-Secure
Adware-Cantfind
This malware was reported by: Network Associates Inc
MerryX.A
This malware was reported by: Panda Software
MerryX.A is a Trojan that logs the keystrokes typed by the user, in order to obtain information about the affected computer. Then, it connects to a remote server, to which it sends the gathered information.It also attempts to download files from differen
Troj/Smwg-A
This malware was reported by: Sophos
Troj/Smwg-A is a Trojan for the Windows platform.
Troj/BagleDl-AP
This malware was reported by: Sophos
Troj/BagleDl-AP is a downloader Trojan for the Windows platform.
WORM_BRONTOK.AA
This malware was reported by: Trendmicro
This memory-resident worm propagates by sending a copy of itself as an attachment to email messages. It gathers target email addresses by searching an affected system for files with certain extensions.
WORM_BLASTER.N
This malware was reported by: Trendmicro
This worm propagates using the RPC/DCOM vulnerability found in Windows, which allows an attacker to gain full access and execute any code on a target machine by sending a malformed packet to the DCOM service. It uses TCP port 135. More information o
Cardtrap.O
This malware was reported by: F-Secure
Troj/Feutel-BC
This malware was reported by: Sophos
Troj/Feutel-BC is a backdoor Trojan for the Windows platform that provides unauthorized remote access to the infected computer.
Troj/Bancban-MQ
This malware was reported by: Sophos
Troj/Bancban-MQ is a password stealing Trojan for the Windows platform.
Troj/Bancban-MQ targets the customers of certain Brazilian online banking websites by displaying fake interfaces and recording any details entered.
Troj/Bancban-MQ incl
Troj/Banload-CL
This malware was reported by: Sophos
Troj/Banload-CL is a Trojan for the Windows platform.
Troj/Banload-CL attempts to download and execute further software. It is typically used to download internet banking Trojans.
W32.Feebs.A
This malware was reported by: Symantec
W32.Feebs.A is a worm that attempts to spread through file-sharing networks. It lowers security settings on the compromised computer.
W32.Wisfc
This malware was reported by: Symantec
W32.Wisfc is a virus that infects .exe, .dll, and .scr files. It also drops another threat, a variant of the Download.Trojan family.
WORM_SDBOT.CWG
This malware was reported by: Trendmicro
W32/Sunk-A
This malware was reported by: Sophos
W32/Sunk-A is a worm for the Windows platform.
The worm will display the following fake error message:
"An unexpected error has occurred on the execution of this file"
W32/Sunk-A will attempt to replace every file on the infected computer
PWS-JA
This malware was reported by: Network Associates Inc
Spyaxe
This malware was reported by: Network Associates Inc
Adware-Spyaxe
This malware was reported by: Network Associates Inc
ELF_KAITEN.N
This malware was reported by: Trendmicro
W97M.Ruleden
This malware was reported by: Symantec
W97M.Ruleden is a macro virus that deletes files and lowers security settings.
The virus is triggered when an infected document is opened or closed.
Adware-ISTbar.dldr
This malware was reported by: Network Associates Inc
W32/Rbot-BFL
This malware was reported by: Sophos
W32/Rbot-BFL is an internet worm and IRC backdoor Trojan for the Windows platform.
W32/Rbot-BFL spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011) and RPC-DCOM (MS04-012) and
Adware-UCMore.dr
This malware was reported by: Network Associates Inc
Troj/Bancban-MV
This malware was reported by: Sophos
Troj/Bancban-MV is a Trojan for the Windows platform.
Troj/Bancban-MV includes functionality to send notification messages to remote locations.
W32/Retomo.worm
This malware was reported by: Network Associates Inc
This worm spreads via MSN Messenger (Note: Not the Windows Messenger service).
Current Content
When executed, the worm downloads fresh messages from a web server. It sends the updated messages to contact list recipients. One of
Keylog-ActiveKey
This malware was reported by: Network Associates Inc
Adware-SafeSurf.dr
This malware was reported by: Network Associates Inc
W32/Protorid-AG
This malware was reported by: Sophos
W32/Protorid-AG is a worm and IRC backdoor Trojan for the Windows platform.
W32/Protorid-AG spreads to other network computers infected with: Troj/NetDevil, W32/MyDoom, W32/Bagle and Troj/Optix and by copying itself to network shares protect
Troj/BagleDl-V
This malware was reported by: Sophos
Troj/BagleDl-V is a Trojan for the Windows platform.
Trojan.Swepdat
This malware was reported by: Symantec
Trojan.Swepdat is a Trojan horse that deletes system and security-related files, and prevents access to security-related Web sites.
Downloader-AGT
This malware was reported by: Network Associates Inc
W32.Spybot.ACDM
This malware was reported by: Symantec
W32.Spybot.ACDM is a worm that has distributed denial of service and back door capabilities. The worm spreads by exploiting vulnerabilities and by sending a message containing a link to a copy of the worm to AOL Instant Messenger contacts.
TROJ_BAGLE.GP
This malware was reported by: Trendmicro
This memory-resident Trojan arrives on a system as an attachment to mass-mailed email messages of WORM_BAGLE.GP.
ELF_KAIGENT.A
This malware was reported by: Trendmicro
This memory-resident worm is part of a BotNet distributor that exploits a known vulnerability in Mambo. Mambo is an open source content management system commonly used in LINUX platforms.
W32/Bagle.gen!F7B43CAC
This malware was reported by: Network Associates Inc
This threat will be detected as W32/Bagle.gen
with the 4656 DAT files.
This is a downloader trojan. However, like previous Bagle variants, it is likely that in the near future, the author(s) will post an accompanying EXE file on a rem
ELF_MARE.B
This malware was reported by: Trendmicro
This executable Linux file (ELF) propagates by taking advantage of the PHP-Nuke admin_styles.php phpbb_root_path vulnerability, which allows a malicious user to execute remote commands on a system.
ELF_KAITEN.P
This malware was reported by: Trendmicro
This executable Linux file (ELF) is usually downloaded and executed by another malware detected by Trend Micro as UNIX_MARE.B.
Troj/BagleDl-AS
This malware was reported by: Sophos
Troj/BagleDl-AS is a Trojan for the Windows platform.
Troj/BagleDl-AS includes functionality to access the internet and communicate with a remote server via HTTP.
Trojan.Mitglieder.S
This malware was reported by: Symantec
Trojan.Mitglieder.S is a Trojan horse that opens a back door on a compromised computer and also acts as a proxy server. The Trojan can periodically contact Web sites with information gathered from compromised computer.
W32/Bagle-EX
This malware was reported by: Sophos
Troj/Smwg-A
This malware was reported by: Sophos
Troj/Smwg-A is a Trojan for the Windows platform.
W32.Beagle.DA@mm
This malware was reported by: Symantec
W32.Beagle.DA@mm is a mass-mailing worm that uses its own SMTP engine to send out copies of another threat, Trojan.Lodear.G. The worm also opens a back door on the compromised computer using TCP port 80 and lowers security settings.
TROJ_BAGLE.GR
This malware was reported by: Trendmicro
This memory-resident Trojan arrives on a system as an attachment to mass-mailed email messages.
WORM_BAGLE.GY
This malware was reported by: Trendmicro
This worm usually arrives as a downloaded file of other malware programs. Upon execution, it drops a copy of itself as wind2ll2.exe in the Windows system folder.
TROJ_BAGLE.GS
This malware was reported by: Trendmicro
This Trojan usually arrives as a downloaded file of another malware, which Trend Micro detects as TROJ_BAGLE.GR.
WORM_BAGLE.GP
This malware was reported by: Trendmicro
This worm usually arrives as a downloaded file of TROJ_BAGLE.GP.
W32.Beagle.DB@mm
This malware was reported by: Symantec
W32.Beagle.DB@mm is a mass-mailing worm that uses its own SMTP engine to send out copies of another threat, Trojan.Lodear. The worm also opens a back door on the compromised computer using TCP port 80 and lowers security settings.
Trojan.Lodear.H
This malware was reported by: Symantec
Trojan.Lodear.H is a Trojan horse that attempts to download remote files.
The Trojan may arrive as an email attachment with one of the following names:
James.zip
Katheryne.zip
Avis.zip
Alice.zip
It has been reported that the .zip file contains the foll
W32.Mytob.MX@mm
This malware was reported by: Symantec
W32.Mytob.MX@mm is a mass-mailing worm that also spreads through network shares.
W32/Honk
This malware was reported by: Network Associates Inc
This detection is for a Win32 parasitic virus that infects both PE executables and DLL files.
Infected files were proactively detected as virus or variant New Win32
for many months, when scanning with heuristics enabled.
The virus bear
Spyware-MiniKeyLog
This malware was reported by: Network Associates Inc
W32.Feebs.B@mm
This malware was reported by: Symantec
W32.Feebs.B@mm is a mass-mailing worm that also spreads through file-sharing networks and lowers security settings on the compromised computer. The worm may also send confidential information to a remote attacker via FTP.
Note: Virus definitions prio
Troj/Torpig-U
This malware was reported by: Sophos
Troj/Torpig-U is a Trojan for the Windows platform.
Troj/Torpig-U includes functionality to access the internet and communicate with a remote server via HTTP.
Spyware-RealSpy
This malware was reported by: Network Associates Inc
Troj/Bancban-MQ
This malware was reported by: Sophos
Troj/Bancban-MQ is a password stealing Trojan for the Windows platform.
Troj/Bancban-MQ targets the customers of certain Brazilian online banking websites by displaying fake interfaces and recording any details entered.
Troj/Bancban-MQ incl
Keylog-ABSpy.dr
This malware was reported by: Network Associates Inc
W32/Rbot-BFL
This malware was reported by: Sophos
W32/Rbot-BFL is an internet worm and IRC backdoor Trojan for the Windows platform.
W32/Rbot-BFL spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011) and RPC-DCOM (MS04-012) and
Generic Dropper.r
This malware was reported by: Network Associates Inc
Generic Dropper.q
This malware was reported by: Network Associates Inc
Troj/Small-FQ
This malware was reported by: Sophos
Troj/Small-FQ is a Trojan for the Windows platform.
Troj/Small-FQ has the functionality to download, install and run new software.
Troj/Bancban-MV
This malware was reported by: Sophos
Troj/Bancban-MV is a Trojan for the Windows platform.
Troj/Bancban-MV includes functionality to send notification messages to remote locations.
Spyware-Keycollect
This malware was reported by: Network Associates Inc
Adware-CommonName.dll
This malware was reported by: Network Associates Inc
W32/Tilebot-GS
This malware was reported by: Sophos
W32/Tilebot-GS is a worm and IRC backdoor for the Windows platform.
W32/Tilebot-GS spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), WKS (MS03-049) (CAN
W32/Protorid-AG
This malware was reported by: Sophos
W32/Protorid-AG is a worm and IRC backdoor Trojan for the Windows platform.
W32/Protorid-AG spreads to other network computers infected with: Troj/NetDevil, W32/MyDoom, W32/Bagle and Troj/Optix and by copying itself to network shares protect
Troj/BagleDl-BA
This malware was reported by: Sophos
Troj/BagleDl-BA is a Trojan for the Windows platform.
Troj/BagleDl-BA includes functionality to access the internet and communicate with a remote server via HTTP.
ELF_KAIGENT.B
This malware was reported by: Trendmicro
This executable Linux file (ELF) is part of a botnet distributor that takes advantage of the following vulnerabilities:
Adware-NetPals.dr
This malware was reported by: Network Associates Inc
Adware-PrecisionTime
This malware was reported by: Network Associates Inc
Adware-CashSaver
This malware was reported by: Network Associates Inc
Adware-StatBlaster.dr
This malware was reported by: Network Associates Inc
Adware-IEToolBar.dr
This malware was reported by: Network Associates Inc
Linux.Mare
This malware was reported by: Symantec
Linux.Mare is a worm that spreads by exploiting the PHP-Nuke "phpbb_root_path" Arbitrary File Inclusion vulnerability. The worm, which has back door capabilities, also downloads and executes remote files on the compromised computer.
Trojan.Lodear.I
This malware was reported by: Symantec
Trojan.Lodear.I is a Trojan horse that attempts to download remote files.
The Trojan may arrive as an email attachment with the file name info_prices.zip.
The file info_prices.zip contains a file named 1.exe.
ELF_KAIGENT.C
This malware was reported by: Trendmicro
This executable Linux file (ELF) is part of a botnet distributor that takes advantage of the following vulnerability:
WORM_BAGLE.BY
This malware was reported by: Trendmicro
This worm propagates via email messages. It first downloads a certain file, which contains a list of target recipients, from a number of Web sites. A copy of this worm is then sent out as an attachment to the email messages that are spammed to the
W32/Dasher-D
This malware was reported by: Sophos
W32/Dasher-D is a worm for the Windows platform.
W32/Dasher-D spreads by exploiting the MSDTC (MS05-051) vulnerability.
W32/Bagle-EX
This malware was reported by: Sophos
Spyware-EasyKeylog
This malware was reported by: Network Associates Inc
JS_FEEBS.A
This malware was reported by: Trendmicro
This malicious JavaScript arrives on a system as a downloaded file from the Internet.
Adware-DigInk
This malware was reported by: Network Associates Inc
Keylog-AdvancedKey
This malware was reported by: Network Associates Inc
Adware-Rfwnad.dldr
This malware was reported by: Network Associates Inc
Keylog-Amecisco
This malware was reported by: Network Associates Inc
W32/Rbot-BFR
This malware was reported by: Sophos
W32/Rbot-BFR is a network worm with backdoor functionality for the Windows platform.
W32/Rbot-BFR spreads:
- to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012),
Troj/Torpig-U
This malware was reported by: Sophos
Troj/Torpig-U is a Trojan for the Windows platform.
Troj/Torpig-U includes functionality to access the internet and communicate with a remote server via HTTP.
Adware-ClickSpring
This malware was reported by: Network Associates Inc
TROJ_BAGLE.GT
This malware was reported by: Trendmicro
This memory-resident Trojan arrives on a system as an attachment to mass-mailed email messages.
Troj/Raker-B
This malware was reported by: Sophos
Troj/Raker-B is a Trojan for the Windows platform.
Banker.BSX
This malware was reported by: Panda Software
Banker.BSX is a password stealer type Trojan that opens the port 1106 and monitors if the user accesses websites belonging to certain banking entities in Spanish speaking countries, in order to obtain passwords.Banker.BSX captures the actions carried out
SYMBOS_CABIR.M
This malware was reported by: Trendmicro
This malware propagates via Bluetooth. It may also be downloaded from the Internet. It uses the name Norton Antivirus Symbian v1.0sis to trick unsuspecting users into accepting the file and executing it onto their phones.
W32/Hazif-C
This malware was reported by: Sophos
W32/Hazif-C is a password stealing worm for the Windows platform.
W32/Hazif-C can spread to the floppy drive with a preconfigured filename.
W32/Hazif-C can be used to steal passwords for Yahoo Instant Messenger and can be preconfigured to s
Adware-Look2Me.dldr
This malware was reported by: Network Associates Inc
Spyware-SpyAgent
This malware was reported by: Network Associates Inc
Adware-Quickbar.dr
This malware was reported by: Network Associates Inc
Adware-PeopleOnPage
This malware was reported by: Network Associates Inc
Bagle.FE
This malware was reported by: F-Secure
Nabload.U
This malware was reported by: Panda Software
Nabload.U is a Trojan that downloads a password stealer type Trojan, called Banker.BSX, to the affected computer.Banker.BSX captures the actions carried out by the user in several websites, including the login and password typed by virtual keyboards and
Spyware-PCAcme
This malware was reported by: Network Associates Inc
W32/Brontok-J
This malware was reported by: Sophos
W32/Brontok-J is an email worm for the Windows platform.
W32/Brontok-J attempts to send itself to email addresses harvested from the computer. It will also attempt to modify various Windows Explorer settings.
W32/Brontok-J will restart the