Generic PWS.o
This malware was reported by: Network Associates Inc
Downloader-AAP.dll
This malware was reported by: Network Associates Inc
Trojan.Beagooz.E
This malware was reported by: Symantec
Trojan.Beagooz.E is a Trojan horse that gathers email addresses from the compromised computer and sends this data to a remote server.
Troj/FeebDl-A
This malware was reported by: Sophos
W32/PPDoor-R
This malware was reported by: Sophos
W32.Feebs.D@mm
This malware was reported by: Symantec
W32.Feebs.D@mm is a mass-mailing worm that also spreads through file-sharing networks and lowers security settings on the compromised computer.
The worm arrives as an email attachment with an .HTA extension.
Troj/Nethell-A
This malware was reported by: Sophos
W32/Sdbot-ALZ
This malware was reported by: Sophos
Troj/Banker-VR
This malware was reported by: Sophos
W32/Floppy-E
This malware was reported by: Sophos
JS_FEEBS.I
This malware was reported by: Trendmicro
When installed, this JavaScript downloads a .TXT file from any of the following Web sites:
Mytob.ML
This malware was reported by: Panda Software
Mytob.ML is a worm with backdoor characteristics that connects to an IRC server and receives control commands, which allow the affected computer to be remotely administrated.This worm ends processes belonging to several security tools, such as antivirus
JS_FEEBS.M
This malware was reported by: Trendmicro
This JavaScript is embedded in a malicious Web site and is run on a system when a user visits the said Web site. It may also arrive on the system as an attached .HTML file to an email message manually mass-mailed by a malicious user.
W32/Loosky-V
This malware was reported by: Sophos
W32/Mytob-GN
This malware was reported by: Sophos
Blankfont.C
This malware was reported by: F-Secure
Blankfont.B
This malware was reported by: F-Secure
W32/Kmax.gen@MM
This malware was reported by: Network Associates Inc
This detection is for a new variant downloaded by the JS/Kmax.gen@MM .
This worm bears the following characteristics:
it is a polymorphic worm
it configures itself to load at startup
it creates copies of itself in folders containing
W32/Alcra-E
This malware was reported by: Sophos
Feebs
This malware was reported by: F-Secure
Exploit-QtPICT
This malware was reported by: Network Associates Inc
W32/Rbot-BKA
This malware was reported by: Sophos
W32/Tilebot-CX
This malware was reported by: Sophos
Troj/Vixup-AF
This malware was reported by: Sophos
W32/Rontokbro.gen@MM
This malware was reported by: Network Associates Inc
W32/Rontokbro.gen is a mass mailing worm which attempts to send a copy of itself to email addresses harvested from the computer.
The characteristics of this worm, with regard to file names, folders created, port numbers used, etc, will
Troj/Bckdr-QF
This malware was reported by: Sophos
Troj/Bifrose-DB
This malware was reported by: Sophos
Trojan.Win32.Zapchast.al
This malware was reported by: F-Secure
W32/Rbot-BJR
This malware was reported by: Sophos
Troj/FeebDl-A
This malware was reported by: Sophos
W32/Rbot-BJW
This malware was reported by: Sophos
Cdropper
This malware was reported by: F-Secure
Troj/Nethell-A
This malware was reported by: Sophos
Troj/Banker-VR
This malware was reported by: Sophos
Troj/Bancban-NQ
This malware was reported by: Sophos
W32/Loosky-V
This malware was reported by: Sophos
Keylog.gen
This malware was reported by: Network Associates Inc
VB.ab
This malware was reported by: F-Secure
JS_FEEBS.T
This malware was reported by: Trendmicro
This malicious JavaScript is embedded in a malicious Web site and is run on a system when a user visits the said Web site. It may also arrive on the system as an .HTML file attached to an email message mass-mailed by WORM_FEEBS.T or by a malicious u
Trojan.Awax
This malware was reported by: Symantec
Trojan.Awax is a Trojan horse that attempts to download and execute files from a remote server. It will also send operating system information to this server and attempt to end security-related processes.
W32/Rbot-BLC
This malware was reported by: Sophos
W32.Feebs.E@mm
This malware was reported by: Symantec
W32.Feebs.E@mm is a mass-mailing worm that also spreads through file-sharing networks and lowers security settings on the compromised computer.
Backdoor.Rustock
This malware was reported by: Symantec
Backdoor.Rustock is a back door program that allows a compromised computer to be used as a covert proxy. It uses rootkit techniques to hide any files and registry subkeys it creates.
W32/Tilebot-CX
This malware was reported by: Sophos
WORM_FEEBS.T
This malware was reported by: Trendmicro
This worm employs a technique used by WORM_BAGLE variants. However, it uses a JavaScript instead of a Trojan to acquire copies of itself from a certain location. The said JavaScript is detected by Trend Micro as JS_FEEBS.T.
Raze
This malware was reported by: Network Associates Inc
WORM_LOCKSKY.AL
This malware was reported by: Trendmicro
WORM_FEEBS.X
This malware was reported by: Trendmicro
This worm employs a propagation technique similar to that used by certain WORM_BAGLE variants. Its difference lies in its usage of a malicious JavaScript instead of a Trojan to download copies of itself from a certain location into an affected syste
TROJ_YABE.H
This malware was reported by: Trendmicro
This Trojan usually arrives as an attachment to spammed email messages. Upon execution, it drops a copy of itself in the Windows system folder with the same file name as its executed copy. It then deletes the originally executed file.
Troj/Banload-IJ
This malware was reported by: Sophos
Troj/Bckdr-QF
This malware was reported by: Sophos
Trojan.Tabela.D
This malware was reported by: Symantec
Trojan.Tabela.D is a Trojan horse program that steals email addresses from the compromised computer. The Trojan sends the stolen email addresses using HTTP to the gabyphoto.com domain.
WORM_MYTOB.NS
This malware was reported by: Trendmicro
Like other WORM_MYTOB variants, this worm spreads by attaching a copy of itself to an email message, which it sends to target recipients using its own Simple Mail Transfer Protocol (SMTP) engine.
W32/Sdbot-AMF
This malware was reported by: Sophos
W32/Rbot-BJR
This malware was reported by: Sophos
WORM_FEEBS.AF
This malware was reported by: Trendmicro
This memory-resident worm employs a propagation technique similar to that used by certain WORM_BAGLE variants. Its difference lies in its usage of a malicious JavaScript instead of a Trojan to download copies of itself from a certain location onto a
JS_FEEBS.AF
This malware was reported by: Trendmicro
This JavaScript is embedded in a malicious Web site and run on a system when a user visits the said Web site. It may also arrive on the system as an attached .HTML file to an email message manually mass-mailed by a malicious user.
WORM_LOCKSKY.AM
This malware was reported by: Trendmicro
This worm propagates by sending a copy of itself as an attachment to email messages. The email message it sends out has the following details:
W32/Vulgar
This malware was reported by: Network Associates Inc
This is an overwriting virus with a data destructive payload. When run, it attempts to open the default web browser to the following page: www.i2s-lab.com/sophos.htm. However, due to a bug in the code, this can result in Internet Explore
W32/Mytob-GO
This malware was reported by: Sophos
Troj/RuinDl-K
This malware was reported by: Sophos
WORM_RONTOKBR.AC
This malware was reported by: Trendmicro
This worm spreads by attaching a copy of itself to email messages, which it sends to its target recipients. These messages are either written in English or Indonesian.
WORM_MYTOB.NT
This malware was reported by: Trendmicro
Bootton.E
This malware was reported by: F-Secure
TROJ_DLOADER.BJW
This malware was reported by: Trendmicro
Renos
This malware was reported by: F-Secure
Troj/Zlob-CN
This malware was reported by: Sophos
Troj/Bancban-NQ
This malware was reported by: Sophos
WORM_GREW.A
This malware was reported by: Trendmicro
W32/Rbot-BLC
This malware was reported by: Sophos
W32/Nyxem-D
This malware was reported by: Sophos
Troj/Paymite-B
This malware was reported by: Sophos
W32/Agobot-VI
This malware was reported by: Sophos
W32/Sdbot-AMF
This malware was reported by: Sophos
W32/Mytob-GO
This malware was reported by: Sophos
W32.Feebs.J@mm
This malware was reported by: Symantec
W32.Feebs.J@mm is a mass-mailing worm that also spreads through file-sharing networks and lowers security settings on the compromised computer.
Troj/RuinDl-K
This malware was reported by: Sophos
Troj/BankDl-AJ
This malware was reported by: Sophos
BackDoor-CXA
This malware was reported by: Network Associates Inc
Feeb.H
This malware was reported by: Computer Associates
Rbot.ELX
This malware was reported by: Computer Associates
Mytob.MM
This malware was reported by: Panda Software
Mytob.MM is a worm with backdoor characteristics that connects to an IRC server and receives control commands, which allow the affected computer to be remotely administrated.This worm ends processes belonging to several security tools, such as antivirus
Cdropper.B
This malware was reported by: F-Secure
Cdropper.I
This malware was reported by: F-Secure
Cdropper.H
This malware was reported by: F-Secure
Cdropper.G
This malware was reported by: F-Secure
Cdropper.F
This malware was reported by: F-Secure
Cdropper.E
This malware was reported by: F-Secure
Cdropper.D
This malware was reported by: F-Secure
Cdropper.C
This malware was reported by: F-Secure
Cdropper.A
This malware was reported by: F-Secure
Troj/Dloadr-ACY
This malware was reported by: Sophos
Troj/Zlob-CN
This malware was reported by: Sophos
Blackmal.F
This malware was reported by: Computer Associates
Description Win32/Blackmal.F is a worm that spreads via e-mail and network shares.
W32.Blackmal.E@mm
This malware was reported by: Symantec
W32.Redplut
This malware was reported by: Symantec
W32.Redplut is a virus that attempts to spread through open file shares and lowers security settings.
W32/Rbot-BMG
This malware was reported by: Sophos
W32/MyWife.d@MM
This malware was reported by: Network Associates Inc
This worm is proactively detected by 4642 and higher DATs as W32/Generic.worm!p2p. 4677 and higher DATs will detect this specifically as W32/MyWife.d@MM
This is a mass-mailing worm that bears the following characteristics:
contains its
W32/Loosky-AE
This malware was reported by: Sophos
W32/Nyxem-D
This malware was reported by: Sophos