Keylog-Refog
This malware was reported by: Network Associates Inc
Spyware-AceSpy
This malware was reported by: Network Associates Inc
Adware-SurfSideKick.dldr
This malware was reported by: Network Associates Inc
Spyware-ActivityLog
This malware was reported by: Network Associates Inc
Adware-SurfSideKick.dr
This malware was reported by: Network Associates Inc
WORM_VIRKEL.B
This malware was reported by: Trendmicro
This memory-resident worm spreads via MSN Messenger. It sends an instant message to all online contacts of an affected user. The message it sends contains the following link:
W32/Chode-Q
This malware was reported by: Sophos
W32/Chode-Q is an instant messaging worm for the Windows platform with IRC backdoor functionality.
W32/Chode-Q attempts to spread via MSN Instant Messenger and AOL Instant Messenger by sending users a link to a copy of the worm.
Troj/Small-FQ
This malware was reported by: Sophos
Troj/Small-FQ is a Trojan for the Windows platform.
Troj/Small-FQ has the functionality to download, install and run new software.
Adware-SpySheriff
This malware was reported by: Network Associates Inc
W32/Erkez-G
This malware was reported by: Sophos
W32/Erkez-G is an email and peer-to-peer worm for the Windows platform.
W32/Erkez-G sends emails in the following format, where the subject and message are chosen depending upon the email address the worm is being sent to:
Subject:
msn pho
Istbar.AE
This malware was reported by: Computer Associates
Description Win32/Istbar.AE is a downloading trojan.
Moiling Family
This malware was reported by: Computer Associates
Description Win32.Moiling is a family of trojans that can be instructed to display messages and popups as well as direct users to certain websites. Win32/Moiling has
W32.Neshuta
This malware was reported by: Symantec
W32.Neshuta is a virus that infects .exe and .com files.
Backdoor.Dckane
This malware was reported by: Symantec
Backdoor.Dckane is a back door program that allows a remote attacker to have unauthorized access to the compromised computer.
Glieder.CN
This malware was reported by: Computer Associates
Description Win32.Glieder.CN is a trojan that downloads and executes arbitrary files from a long, hardcoded list of particular URLs. It has been mass-mailed as a 9,1
Glieder.CO
This malware was reported by: Computer Associates
Description Win32/Glieder.CO is a trojan that downloads and executes arbitrary files from a long, hardcoded list of particular URLs. It has been mass-mailed as a 9,0
Glieder.CP
This malware was reported by: Computer Associates
Description Win32/Glieder.CP is a trojan that downloads and executes arbitrary files from a long, hardcoded list of particular URLs. It has been mass-mailed as a 9,0
W32/Mytob-GF
This malware was reported by: Sophos
W32/Mytob-GF is a mass-mailing worm and IRC backdoor Trojan for the Windows platform.
W32/Mytob-GF runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer v
Troj/BagleDl-BA
This malware was reported by: Sophos
Troj/BagleDl-BA is a Trojan for the Windows platform.
Troj/BagleDl-BA includes functionality to access the internet and communicate with a remote server via HTTP.
Exploit-WMF
This malware was reported by: Network Associates Inc
Glieder.CQ
This malware was reported by: Computer Associates
Description Win32/Glieder.CQ is a trojan that downloads and executes arbitrary files from a long, hardcoded list of particular URLs. It has been mass-mailed as a 9,1
Glieder.CR
This malware was reported by: Computer Associates
Description Win32.Glieder.CR is a trojan that downloads and executes arbitrary files from a long, hardcoded list of particular URLs. It has been mass-mailed as a 9,2
Glieder.CS
This malware was reported by: Computer Associates
Description Win32/Glieder.CS is a trojan that downloads and executes arbitrary files from a long, hardcoded list of particular URLs. It has been mass-mailed as a 9,1
Glieder.CT
This malware was reported by: Computer Associates
Description Win32/Glieder.CT is a trojan that downloads and executes arbitrary files from a long, hardcoded list of particular URLs. It has been mass-mailed as a 10,
Glieder.CU
This malware was reported by: Computer Associates
Description Win32/Glieder.CU is a trojan that downloads and executes arbitrary files from a long, hardcoded list of particular URLs. It has been mass-mailed as a 10,
Glieder.CV
This malware was reported by: Computer Associates
Description Win32/Glieder.CV is a trojan that downloads and executes arbitrary files from a long, hardcoded list of particular URLs. It has been mass-mailed as a 10,
Glieder.CW
This malware was reported by: Computer Associates
Description Win32/Glieder.CW is a trojan that downloads and executes arbitrary files from a long, hardcoded list of particular URLs. It has been mass-mailed as a 10,
Clagger Family
This malware was reported by: Computer Associates
Adware-IEToolBar.dll
This malware was reported by: Network Associates Inc
Bloodhound.Exploit.56
This malware was reported by: Symantec
Bloodhound.Exploit.56 is a heuristic detection for the Microsoft Windows Graphics Rendering Engine WMF Format Unspecified Code Execution Vulnerability (as described in BID 16074).
Keylog-HomeKey
This malware was reported by: Network Associates Inc
WORM_LOCKSKY.T
This malware was reported by: Trendmicro
This worm may arrive on a system as attachments to email messages.
KeyLog-GoldenKey
This malware was reported by: Network Associates Inc
Troj/Gina-N
This malware was reported by: Sophos
Troj/Gina-N is a Trojan for the Windows platform.
W32/Dasher-D
This malware was reported by: Sophos
W32/Dasher-D is a worm for the Windows platform.
W32/Dasher-D spreads by exploiting the MSDTC (MS05-051) vulnerability.
Adware-Exfol
This malware was reported by: Network Associates Inc
Troj/Spyaks-B
This malware was reported by: Sophos
Troj/Spyaks-B is a Trojan for the Windows platform.
The Trojan downloads and installs additional files from a remote site.
Troj/Spyaks-B may create popup alerts with the title "Your computer is infected!" and the message text:
"Dangerous m
W32/Rbot-BFR
This malware was reported by: Sophos
W32/Rbot-BFR is a network worm with backdoor functionality for the Windows platform.
W32/Rbot-BFR spreads:
- to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012),
Spyware-Elfrah
This malware was reported by: Network Associates Inc
Adware-Appoli
This malware was reported by: Network Associates Inc
Onehop.H
This malware was reported by: F-Secure
Onehop.G
This malware was reported by: F-Secure
Onehop.F
This malware was reported by: F-Secure
Onehop.I
This malware was reported by: F-Secure
Onehop
This malware was reported by: F-Secure
Troj/DownLdr-LA
This malware was reported by: Sophos
Troj/DownLdr-LA is a Trojan for the Windows platform.
Troj/DownLdr-LA includes functionality to access the internet and communicate with a remote server via HTTP.
Troj/Raker-B
This malware was reported by: Sophos
Troj/Raker-B is a Trojan for the Windows platform.
TROJ_WMFIOO.A
This malware was reported by: Trendmicro
AKStealer.A
This malware was reported by: Panda Software
AKStealer.A is a password stealer type Trojan that obtains user names and passwords for the following services: Internet Explorer proxies, Outlook, Google accounts (Gmail, Orkut), ebay, Monster.com, Paypal, e-gold, Careerbuilder.com, GMX.net and Passport
W32/NoChod@MM!74752
This malware was reported by: Network Associates Inc
This detection is for a worm pretending to be the new version of MSN Messenger. Detection for this worm will be added to the 4661 DATS as W32/NoChod@MM .
Written in Visual Basic and packed with PECompact v2.0 it bears the following char
Spyware-SaveKeys
This malware was reported by: Network Associates Inc
Troj/DownLdr-LW
This malware was reported by: Sophos
Troj/DownLdr-LW is a Windows Metafile (WMF) file which exploits a vulnerability allowing the download and execution of an EXE file from a remote URL.
At the time of writing, the downloaded file was Troj/DownLdr-LA.
W32/Tilebot-GS
This malware was reported by: Sophos
W32/Tilebot-GS is a worm and IRC backdoor for the Windows platform.
W32/Tilebot-GS spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), WKS (MS03-049) (CAN
Portscan-Saint
This malware was reported by: Network Associates Inc
KeyLog-SFY
This malware was reported by: Network Associates Inc
WORM_LOCKSKY.V
This malware was reported by: Trendmicro
This worm propagates by sending copies of itself as attachments to email messages. The screenshot below is an example of the email message it sends out:
Metafile
This malware was reported by: Panda Software
Trojan.Infticker
This malware was reported by: Symantec
Trojan.Infticker is a Trojan horse that displays a ticker at the top of the screen stating the compromised computer is infected.
TROJ_WMFMSITS.A
This malware was reported by: Trendmicro
TROJ_WMFXEXE.A
This malware was reported by: Trendmicro
Adware-Malwarewipe
This malware was reported by: Network Associates Inc
W32/Rbot-BGH
This malware was reported by: Sophos
W32/Rbot-BGH is a worm with backdoor functionality for the Windows platform.
W32/Rbot-BGH spreads to other network computers by exploiting common buffer overflow vulnerabilities, including: LSASS (MS04-011), RPC-DCOM (MS04-012), WKS (MS03-04
W32/Brontok-J
This malware was reported by: Sophos
W32/Brontok-J is an email worm for the Windows platform.
W32/Brontok-J attempts to send itself to email addresses harvested from the computer. It will also attempt to modify various Windows Explorer settings.
W32/Brontok-J will restart the
Worfo
This malware was reported by: Computer Associates
TROJ_NASCENE.A
This malware was reported by: Trendmicro
This Trojan is a .WMF file that takes advantage of an unpatched vulnerability found in Windows Picture and Fax Viewer. Once exploited successfully, the said vulnerability allows this Trojan to connect to the Web site http://union{BLOCKED}.com/d and
TROJ_NASCENE.C
This malware was reported by: Trendmicro
This Trojan takes advantage of an unpatched vulnerability found in Windows Picture and Fax Viewer. It exploits the said vulnerability to download the file MSITS.EXE from the following URL:
TROJ_NASCENE.B
This malware was reported by: Trendmicro
This Trojan is a .WMF file that takes advantage of an unpatched vulnerability found in Windows Picture and Fax Viewer.
TROJ_NASCENE.D
This malware was reported by: Trendmicro
This Trojan is a .WMF file that takes advantage of an unpatched vulnerability found in the Windows Picture and Fax Viewer. Once exploited successfully, the said vulnerability allows this Trojan to connect to the Web site http://b{BLOCKED}bar.biz/ an
Troj/DownLdr-NR
This malware was reported by: Sophos
Troj/DownLdr-NR is a downloader Trojan for the Windows platform.
W32/Chode-Q
This malware was reported by: Sophos
W32/Chode-Q is an instant messaging worm for the Windows platform with IRC backdoor functionality.
W32/Chode-Q attempts to spread via MSN Instant Messenger and AOL Instant Messenger by sending users a link to a copy of the worm.
Troj/Agent-TM
This malware was reported by: Sophos
Troj/Agent-TM is a Trojan for the Windows platform.
Troj/Agent-TM includes functionality to access the internet and communicate with a remote server via HTTP.
W32/Hazif-C
This malware was reported by: Sophos
W32/Hazif-C is a password stealing worm for the Windows platform.
W32/Hazif-C can spread to the floppy drive with a preconfigured filename.
W32/Hazif-C can be used to steal passwords for Yahoo Instant Messenger and can be preconfigured to s
Troj/Bancban-LF
This malware was reported by: Sophos
Troj/Bancban-LF is a Trojan for the Windows platform.
Troj/Bancban-LF includes functionality to send notification messages to remote locations.
W32/Erkez-G
This malware was reported by: Sophos
W32/Erkez-G is an email and peer-to-peer worm for the Windows platform.
W32/Erkez-G sends emails in the following format, where the subject and message are chosen depending upon the email address the worm is being sent to:
Subject:
msn pho
Adware-eMusic
This malware was reported by: Network Associates Inc
Adware-MySearch
This malware was reported by: Network Associates Inc
Spyware-SpyLantern
This malware was reported by: Network Associates Inc
StartPage-IG
This malware was reported by: Network Associates Inc
W32/Loosky-K
This malware was reported by: Sophos
W32/Loosky-K is a worm for the Windows platform.
W32/Mytob-GF
This malware was reported by: Sophos
W32/Mytob-GF is a mass-mailing worm and IRC backdoor Trojan for the Windows platform.
W32/Mytob-GF runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer v
Onehop.J
This malware was reported by: F-Secure
Joke-MewII
This malware was reported by: Network Associates Inc
Joke-Madcow
This malware was reported by: Network Associates Inc
Joke-LOL
This malware was reported by: Network Associates Inc
Joke-LastTime
This malware was reported by: Network Associates Inc
TROJ_WMFCRASH.A
This malware was reported by: Trendmicro
This Trojan is a .WMF file that takes advantage of an unpatched vulnerability found in Windows Picture and Fax Viewer.
Joke-Nowayout
This malware was reported by: Network Associates Inc
Joke-MovingWindow
This malware was reported by: Network Associates Inc
Joke-MovingMouse
This malware was reported by: Network Associates Inc
Joke-Monopoly
This malware was reported by: Network Associates Inc
Joke-Pallbearer
This malware was reported by: Network Associates Inc
Joke-Ohnee
This malware was reported by: Network Associates Inc
W32/Loosky-M
This malware was reported by: Sophos
W32/Loosky-M is a worm for the Windows platform.
Troj/Gina-N
This malware was reported by: Sophos
Troj/Gina-N is a Trojan for the Windows platform.
SymbOS/SendTool!sis
This malware was reported by: Network Associates Inc
StartPage-Meche
This malware was reported by: Network Associates Inc
PFV-Exploit
This malware was reported by: F-Secure
Avgold
This malware was reported by: F-Secure
Avgold.D
This malware was reported by: F-Secure
Commwarrior.A
This malware was reported by: F-Secure