Bagle.GE
This malware was reported by: F-Secure
Bagle.GF
This malware was reported by: F-Secure
SDropper.A
This malware was reported by: F-Secure
SDropper
This malware was reported by: F-Secure
Troj/DwnLdr-AKR
This malware was reported by: Sophos
W32/Rbot-CSC
This malware was reported by: Sophos
TROJ_SMALL.BNN
This malware was reported by: Trendmicro
To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Behavior Diagram shown below.
StartPage-JB
This malware was reported by: Network Associates Inc
Downloader-AUB
This malware was reported by: Network Associates Inc
Exponny
This malware was reported by: Network Associates Inc
VBS/SevenC
This malware was reported by: Network Associates Inc
VBS/Diehad
This malware was reported by: Network Associates Inc
Downloader-AUL.dr
This malware was reported by: Network Associates Inc
Joke-Schock
This malware was reported by: Network Associates Inc
MultiDropper-QJ
This malware was reported by: Network Associates Inc
StartPage-JE
This malware was reported by: Network Associates Inc
PWSteal.Maplosty
This malware was reported by: Symantec
PWSteal.Maplosty is a Trojan horse that attempts to steal information related to the MapleStory online game, and send it to a predetermined email address.
Bagle.HX
This malware was reported by: Panda Software
 Bagle.HX is a worm that has rootkit functionalities, which allow it to hide files, processes and Windows Registry entries. It attempts to disable services belonging to several security tools, such as antivirus programs and firewalls, among others.Aditio
Downloader-AUJ
This malware was reported by: Network Associates Inc
W32/Cellery-B
This malware was reported by: Sophos
Downloader-AAK
This malware was reported by: Network Associates Inc
Adware-VirtualGirl
This malware was reported by: Network Associates Inc
Downloader-AUX
This malware was reported by: Network Associates Inc
W32/Mytob.hg@MM
This malware was reported by: Network Associates Inc
This detection is for a mass-mailing worm that combines W32/Mydoom@MM
functionality with W32/Sdbot.worm
functionality. Its behavior is largely similar to other W32/Mytob
variants.
This variant also drops NTRootKit-P Trojan to hide
Exploit-CreateTxtRng
This malware was reported by: Network Associates Inc
Troj/Loosky-BY
This malware was reported by: Sophos
Troj/VB-API
This malware was reported by: Sophos
Adware-Ndware
This malware was reported by: Network Associates Inc
W32.Rontokbro.X@mm
This malware was reported by: Symantec
W32.Rontokbro.X@mm is a mass-mailing worm that lowers security settings and causes system instability.
BackDoor-CYL
This malware was reported by: Network Associates Inc
W97M.Lix
This malware was reported by: Symantec
W97M.Lix is a macro virus that lowers security settings and uploads copy of the infected document to a designated FTP server. W97M.Lix also downloads and executes batch files.
JS_DLOADER.BXR
This malware was reported by: Trendmicro
To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.
Downloader-AVK
This malware was reported by: Network Associates Inc
PWS-PartyPooper
This malware was reported by: Network Associates Inc
TROJ_MITGLIED.AI
This malware was reported by: Trendmicro
To get a one-glance comprehensive view of the behavior of this worm, refer to the Behavior Diagram shown below.
W32/Tilebot-DW
This malware was reported by: Sophos
W32/Feebs-N
This malware was reported by: Sophos
W32/Rontokbr-A
This malware was reported by: Sophos
EXPL_TXTRANGE.A
This malware was reported by: Trendmicro
To get a one-glance comprehensive view of the behavior of this exploit, refer to the Behavior Diagram shown below.
Bloodhound.Exploit.61
This malware was reported by: Symantec
Bloodhound.Exploit.61 is a heuristic detection for the Microsoft Internet Explorer CreateTextRange Remote Code Execution Vulnerability (BID 17196).
Troj/Puper-EY
This malware was reported by: Sophos
Troj/Clagger-M
This malware was reported by: Sophos
WORM_MINUSIA.A
This malware was reported by: Trendmicro
To get a one glance comprehensive view of the behavior of this backdoor program, refer to the Behavior Diagram shown below.
W32/Rbot-CTJ
This malware was reported by: Sophos
W32/Sdbot-BBA
This malware was reported by: Sophos
Downloader-AUT
This malware was reported by: Network Associates Inc
Troj/Orse-R
This malware was reported by: Sophos
W32/Cellery-B
This malware was reported by: Sophos
MultiDropper-QK
This malware was reported by: Network Associates Inc
W32/Bagle.ea
This malware was reported by: Network Associates Inc
W32/Bagle.ea is a trojan which terminates processes and services, most of which are related to popular security and antivirus applications. It also uses a rootkit component for hiding its presence on an infected system.
Upon execution, th
Keylogger.Stranget.B
This malware was reported by: Symantec
Download.Fullalc
This malware was reported by: Symantec
Download.Fullalc is a Trojan horse that downloads and executes a remote file, which is a copy of the Trojan Keylogger.Stranget.B.
Adware-SpywareQuake
This malware was reported by: Network Associates Inc
SpywareQuake
This malware was reported by: Network Associates Inc
Small.coy
This malware was reported by: F-Secure
W32.Gammiy
This malware was reported by: Symantec
W32.Gammiy is a virus that searches network shares and infects executable files.
Trojan.Stranget.B
This malware was reported by: Symantec
Trojan.Stranget.B is a Trojan horse that logs keystrokes, steals passwords and system information, and sends it to a remote attacker. It also downloads files and opens an FTP server by exploiting the Microsoft Internet Explorer CreateTextRange Remote C
Htool-Dog
This malware was reported by: Network Associates Inc
Troj/Bdoor-XD
This malware was reported by: Sophos
Troj/Loosky-BY
This malware was reported by: Sophos
Downloader-ATF
This malware was reported by: Network Associates Inc
TROJ_DLOADER.CPD
This malware was reported by: Trendmicro
To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Behavior Diagram shown below.
CratetxtRnge
This malware was reported by: Panda Software
W32/Brontok-Z
This malware was reported by: Sophos
W32/Tilebot-DW
This malware was reported by: Sophos
W32/Feebs-N
This malware was reported by: Sophos
Troj/Puper-EY
This malware was reported by: Sophos
Troj/Hearse-A
This malware was reported by: Sophos
DollarRevenue
This malware was reported by: Network Associates Inc
FakeAlert-B
This malware was reported by: Network Associates Inc
PWSteal.Marlap
This malware was reported by: Symantec
PWSteal.Marlap is a Trojan horse that displays a fake AOL message and sends confidential information to the attacker.
JS/Relink
This malware was reported by: Network Associates Inc
StealWar.A
This malware was reported by: F-Secure
BackDoor-CYQ
This malware was reported by: Network Associates Inc
BackDoor-CYP
This malware was reported by: Network Associates Inc
CreatetxtRange
This malware was reported by: Panda Software
Trojan.Textcash
This malware was reported by: Symantec
Trojan.Textcash is a Trojan horse that executes a CAB file in Internet Explorer cache folders by exploiting the Microsoft Internet Explorer CreateTextRange Remote Code Execution Vulnerability (BID 17196).
Troj/Singu-AK
This malware was reported by: Sophos
Troj/Drsmartl-X
This malware was reported by: Sophos
Multidropper-QA
This malware was reported by: Network Associates Inc
W32/Alcra-F
This malware was reported by: Sophos
Troj/Bdoor-XD
This malware was reported by: Sophos
PWSteal.Marlap.B
This malware was reported by: Symantec
PWSteal.Marlap.B is a Trojan horse that steals sensitive information and sends it to predetermined Web sites.
Bagle.HZ
This malware was reported by: Panda Software
 Bagle.HZ is a worm that has rootkit functionalities, which allow it to hide files, processes and Windows Registry entries. It attempts to disable services belonging to several security tools, such as antivirus programs and firewalls, among others.
VBS.Welinf.A
This malware was reported by: Symantec
VBS.Welinf.A is a malicious, embedded Visual Basic Script found in files infected with W32.Welinf.A.
W32.Welinf.A
This malware was reported by: Symantec
W32.Welinf.A is a virus that infects .vbs, .htm, and .html files with VBS.Welinf.A. The threat also has back door capabilities.
Troj/RKDepo-A
This malware was reported by: Sophos
W32/Brontok-Z
This malware was reported by: Sophos
Bancos Family
This malware was reported by: Computer Associates
Troj/Loosky-CA
This malware was reported by: Sophos
StartPage-IV
This malware was reported by: Network Associates Inc
StartPage-IS
This malware was reported by: Network Associates Inc
Hupigon.apo
This malware was reported by: F-Secure
W32/Mytob-HA
This malware was reported by: Sophos
Troj/Hearse-A
This malware was reported by: Sophos
W32.Detnat
This malware was reported by: Symantec
W32.Detnat is a virus that searches network shares and infects executable files. It also downloads and executes PWSteal.Lineage from predetermined Web sites.
Bagle.IB
This malware was reported by: Panda Software
 Bagle.IB is a worm that has rootkit functionalities, which allow it to hide files, processes and Windows Registry entries. It attempts to disable processes belonging to several security tools, such as antivirus programs and firewalls, among others.
W32/Renama@MM
This malware was reported by: Network Associates Inc
W32/Renama@MM is a mass mailer that spreads by replying to the existing emails in the Outlook inbox. It also spreads via network shares and removable drives.
Upon execution, the worm drops a text file by name "system_log.txt" in %WINDIR%
Troj/DNSBust-L
This malware was reported by: Sophos
Troj/Singu-AK
This malware was reported by: Sophos