Keylog-M4log
This malware was reported by: Network Associates Inc
PWS-JJ
This malware was reported by: Network Associates Inc
Redbrowser.A
This malware was reported by: F-Secure
Backdoor.Bifrose.E
This malware was reported by: Symantec
Backdoor.Bifrose.E is a Trojan horse with back door capabilities. It also logs keystrokes and steals sensitive information, which can be sent to a remote server.
Troj/Haxdoor-AX
This malware was reported by: Sophos
Troj/FeebDl-G
This malware was reported by: Sophos
Trojan.Satiloler.E
This malware was reported by: Symantec
Trojan.Satiloler.E is a Trojan horse that attempts to steal user names, passwords, and other information from the compromised computer. It also attempts to lower security settings and can download and execute remote files.
It has been reported that th
J2ME/RedBrowser.A
This malware was reported by: Network Associates Inc
W32/Snow.a
This malware was reported by: Network Associates Inc
This detection is for a Win32 parasitic virus variant that infects Windows portable executable (PE) files.
W32/Snow.a bears the following characteristics:
infects PE executable files
infected files grow in length by about 243
Nabload.BR
This malware was reported by: Panda Software
 Nabload.BR is a Trojan that downloads other Trojan detected as Banker.CDV from a certain website. It also bypasses the Windows XP firewall. This way, it gains access to the Internet without restrictions in order to carry out its actions.Nabload.BR does
Troj/Proxy-BC
This malware was reported by: Sophos
W32/Tilebot-DL
This malware was reported by: Sophos
Banker.CDV
This malware was reported by: Panda Software
 Banker.CDV is a password stealer type Trojan that monitors if the user accesses websites belonging to certain online services, such as banking entities and the Yahoo web mail service.This way, it obtains passwords, security data, information about the u
Troj/Dloadr-MD
This malware was reported by: Sophos
Troj/Clagger-H
This malware was reported by: Sophos
StartPage-JC
This malware was reported by: Network Associates Inc
RedBrowser.A
This malware was reported by: Panda Software
 RedBrowser.A is a Trojan that, in principle, only affects cellphones with support for Java applications.RedBrowser.A pretends to access WAP pages via free SMS messages. But instead, it sends SMSs to the number 1615, which is a Russian premium rate numbe
Troj/Banload-SL
This malware was reported by: Sophos
Troj/Spywad-AE
This malware was reported by: Sophos
W32/Maslan-J
This malware was reported by: Sophos
SYMBOS_REDBROW.A
This malware was reported by: Trendmicro
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
W32/Bactera.worm!p2p
This malware was reported by: Network Associates Inc
This is a worm that spreads through eMule peer-to-peer network sharing software. The worm masquerades as a crack tool/key generator. Upon running this program, a fake error message is displayed. The worm runs silently, without showing any
Trojan.Redbrowser.A
This malware was reported by: Symantec
Trojan.Redbrowser.A is a Trojan horse that sends premium-rate SMS messages. It is a Java Midlet application that runs on mobile devices which have the Java 2 Micro Edition (J2ME) installed. It may be downloaded to the compromised device from the Intern
W32/Bagle-DM
This malware was reported by: Sophos
Troj/Bancos-PV
This malware was reported by: Sophos
WORM_BAGLE.DF
This malware was reported by: Trendmicro
To get a one-glance comprehensive view of the behavior of this worm, refer to the Behavior Diagram shown below.
W32/Bagle.dx@MM
This malware was reported by: Network Associates Inc
(Note: McAfee AVERT has observed instances of this threat, infected with W32/Sality.o, spreading in the wild)
W32/Bagle.dx@MM is a trojan downloader and mailing worm that uses its own SMTP engine to send itself to the email addresses tha
PWS-JB
This malware was reported by: Network Associates Inc
Kaki.A
This malware was reported by: Computer Associates
Description Kaki.A is 26,872-byte Win32 trojan that has been reported to be distributed through the P2P file sharing network.The trojan masquerades as a crack for t
W32.Beagle.DW@mm
This malware was reported by: Symantec
W32.Beagle.DW@mm is a mass-mailing worm that uses its own SMTP engine and file-sharing networks to spread. It opens a back door on the compromised computer and attempts to lower security settings. The worm also tries to download and execute remote files.
Spyware-SmokingGun
This malware was reported by: Network Associates Inc
W32/Shodi.worm.u
This malware was reported by: Network Associates Inc
W32/Shodi.worm.u is a Win32 prepending virus that attempts to infect all files with an .EXE extension with the exception of windows system files.
Upon execution, W32/Shodi.worm.u drops a temporary file with an extension of .USR in the sa
RedBrowser.A
This malware was reported by: Computer Associates
BackDoor-CGW.dr
This malware was reported by: Network Associates Inc
BackDoor-CGW.bat
This malware was reported by: Network Associates Inc
W32/Bagle-FN
This malware was reported by: Sophos
Troj/FeebDl-H
This malware was reported by: Sophos
PWS-Banker.gen.ba
This malware was reported by: Network Associates Inc
PWS-Banker.gen.h
This malware was reported by: Network Associates Inc
Troj/LdPinch-FC
This malware was reported by: Sophos
W32/Rbot-CJY
This malware was reported by: Sophos
Troj/FeebDl-I
This malware was reported by: Sophos
SymbOS.Cardtrp.Z
This malware was reported by: Symantec
W32.Snow.A
This malware was reported by: Symantec
W32.Snow.A is a virus that infects executable files and attempts to use the compromised computer to launch an ARP poisoning attack.
W32/Rbot-CKM
This malware was reported by: Sophos
Troj/Proxy-BC
This malware was reported by: Sophos
BackDoor-BAC.gen.dr
This malware was reported by: Network Associates Inc
Bagle.DZ
This malware was reported by: Computer Associates
Description Win32/Bagle.DZ is a worm that spreads via e-mail and peer-to-peer file sharing networks.
Adware-Fizzle
This malware was reported by: Network Associates Inc
Adware-SmartPops.dldr
This malware was reported by: Network Associates Inc
Niklas.R
This malware was reported by: Computer Associates
Description Win32.Niklas.R is a prepending, 12,288-byte, UPX-packed virus that infects Win32 executable programs. In particular, it targets files in P2P application
Adware-Redalert
This malware was reported by: Network Associates Inc
StartPage-J
This malware was reported by: Network Associates Inc
W32/Loosky!pws
This malware was reported by: Network Associates Inc
BackDoor-CXV
This malware was reported by: Network Associates Inc
Proxy-Agent.ar
This malware was reported by: Network Associates Inc
W32/Rbot-CKP
This malware was reported by: Sophos
Troj/Dloadr-MD
This malware was reported by: Sophos
Joke-SystemOK
This malware was reported by: Network Associates Inc
Joke-Slider
This malware was reported by: Network Associates Inc
W32/Loosky.dr
This malware was reported by: Network Associates Inc
W32/Loosky.dr drops components of the W32/Loosky.gen worm. This worm checks for an updated copy of itself and also attempts to download other malware from several web sites.
Upon execution, it creates a copy of itself into the windows di
Joke-Trembler
This malware was reported by: Network Associates Inc
Joke-Timetrav
This malware was reported by: Network Associates Inc
Joke-Uglyface
This malware was reported by: Network Associates Inc
Troj/SpyAgen-G
This malware was reported by: Sophos
Troj/Banload-SL
This malware was reported by: Sophos
Adware-Atlas
This malware was reported by: Network Associates Inc
Troj/SysBDr-G
This malware was reported by: Sophos
JS_FFSNIFF.A
This malware was reported by: Trendmicro
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
Trojan.Gargafx!dr
This malware was reported by: Symantec
Trojan.Gargafx!dr is a Trojan horse that exploits the Microsoft Word Macro Name Handler Buffer Overflow Vulnerability (as described in Microsoft Security Bulletin MS03-050) and drops a file on the compromised computer.
SymbOS.Cardtrp.Z
This malware was reported by: Symantec
W32/Bagle-DO
This malware was reported by: Sophos
W32/Bagle-DM
This malware was reported by: Sophos
WORM_BAGLE.DQ
This malware was reported by: Trendmicro
To get a one-glance comprehensive view of the behavior of this worm, refer to the Behavior Diagram shown below.
PWS-Puper.dr
This malware was reported by: Network Associates Inc
W32/Bagle.dy@MM
This malware was reported by: Network Associates Inc
-- Update March 3, 2006 --
The risk assessment of this threat has been updated to Low-Profiled due to media attention
http://www.techweb.com/wire/security/181500722
(Note: McAfee AVERT has observed instances of this threat, infected
Adware-SavingsHound
This malware was reported by: Network Associates Inc
W32.Beagle.DX@mm
This malware was reported by: Symantec
W32.Beagle.DX@mm is a mass-mailing worm that also spreads through file-sharing networks. It opens a back door on the compromised computer, attempts to lower security settings, and tries to download and execute remote files.
Uploader-AB
This malware was reported by: Network Associates Inc
VBS/Chiwum
This malware was reported by: Network Associates Inc
This is a destructive virus written in VBScript. It plays on social engineering in an effort to get executed. It requires Windows Scripting Host in order to execute.
VBS/Chiwum dropps itself following file:
C:Image.gif
C:ReadMe.txt.vb
Bat/CatNet
This malware was reported by: Network Associates Inc
Spam-FiveSec
This malware was reported by: Network Associates Inc
Keylog-SC
This malware was reported by: Network Associates Inc
Adware-Redalert.dr
This malware was reported by: Network Associates Inc
Keylog-Tong
This malware was reported by: Network Associates Inc
Joke-Restart
This malware was reported by: Network Associates Inc
W32/Bagle-DS
This malware was reported by: Sophos
W32/Bagle-FN
This malware was reported by: Sophos
Keylog-Windows
This malware was reported by: Network Associates Inc
W32.Spybot.AFEW
This malware was reported by: Symantec
W32.Spybot.AFEW is a worm that has distributed denial of service and back door capabilities. The worm spreads through AOL Instant Messenger and by exploiting vulnerabilities.
PWCrack-PWDump
This malware was reported by: Network Associates Inc
PWS-Banker.gen.z
This malware was reported by: Network Associates Inc
Troj/BankSnif-H
This malware was reported by: Sophos
Adware-Cygo
This malware was reported by: Network Associates Inc
JS.Ffsniff
This malware was reported by: Symantec
JS.Ffsniff is a JavaScript Trojan horse that logs information from HTML forms in Web pages and sends the information to a predefined email address.
The Trojan is a JavaScript file, which can be included with a malicious Mozilla Firefox browser extensi
PWSteal.Rivarts
This malware was reported by: Symantec
PWSteal.Rivarts is a Trojan horse that steals bank account and sensitive information and sends it to a remote server. It also gathers SSL web certificates and can hijack a browser connection.
The Trojan is usually downloaded from the following site:
[
UNIX_MARE.G
This malware was reported by: Trendmicro
To get a one-glance comprehensive view of the behavior of this Unix malware, refer to the Behavior Diagram shown below.
PHP_MARE.G
This malware was reported by: Trendmicro
To get a one-glance comprehensive view of the behavior of this Unix malware, refer to the Behavior Diagram shown below.
PE_ICABDI.A
This malware was reported by: Trendmicro
To get a one-glance comprehensive view of the behavior of this proof-of-concept file infector, refer to the Behavior Diagram shown below.
Backdoor.Nodelm
This malware was reported by: Symantec
Backdoor.Nodelm is a Trojan horse with back door capabilities that allows a remote attacker unauthorized access to the compromised computer.
Note: Virus definitions dated prior to March 4, 2006 may detect this threat as Backdoor.Trojan.