If you came to this page directly, click the icon at the left to be taken to our Home Page| If you came to this page directly, click the icon at the left to be taken to our Home Page |
||||
|
|
||||
|
|
November 2004 Select the links for detailed information and removal tools for the latest viruses Updated 12/02/2004
|
|
|
VBS.Yeno.B@mm VBS.Yeno.B@mm is a mass-mailing worm that sends itself to email addresses in the Microsoft Outlook address book. It also infects .vbs, .vbe, .htm, and .html files on drives C, D and E. Large scale
e-mailing: Sends email to all addresses in the Outlook addressbook. Read the full Symantec report here VBS.Yeno.C@mm VBS.Yeno.C@mm is a mass-mailing worm that sends itself to the email addresses in the Microsoft Outlook address book. It also infects .vbs, .vbe, .htm, and .html files on drives C, D and E. Large scale
e-mailing: Sends email to all addresses in the Outlook addressbook. Read the full Symantec report here W32.Bagz.H@mm W32.Bagz.H@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses gathered from a compromised system. It also lowers the security settings by overwriting the local hosts file and preventing access to several security-related Web sites. Large scale
e-mailing: Sends mail to addresses harvested from the local system. Read the full Symantec report here W32.Randex.BTB W32.Randex.BTB is a network aware worm that spreads to network shares protected by weak passwords. It also opens a back door and may be remotely controlled via IRC channels. Compromises
security settings: Allows unauthorized remote use of an infected computer.
Read the full Symantec report here VBS.Midfin@mm VBS.Midfin@mm is an encrypted VBScript mass-mailing worm. It sends itself to all email addresses in the Microsoft Outlook address book. It also spreads using MIRC, and infects all .vbs and .vbe files. Large scale
e-mailing: Sends a mass-mailing. Read the full Symantec report here W32.Gaobot.BQJ W32.Gaobot.BQJ is a network-aware worm that opens a backdoor and can be controlled through IRC channels. It also attempts to lower security settings by terminating processes and by blocking access to security related Web sites. It spreads by exploiting vulnerabilities, and through backdoors opened by other malicious threats. Payload:
Allows unauthorized remote access. Read the full Symantec report here W32.Mydoom.AH@mm W32.Mydoom.AH@mm is a mass-mailing worm which exploits the Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability (BID 11515). It also spreads by sending itself to the email addresses that it finds on the infected computer. Large scale
e-mailing: Sends itself to the email addresses that it finds on the infected
computer. Read the full Symantec report here W32.Mydoom.AI@mm W32.Mydoom.AI@mm is a mass-mailing worm which exploits the Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability (BID 11515). It also spreads by sending itself to email addresses it finds in the Windows address book. Large scale
e-mailing: Sends itself to the email addresses that it finds on the infected
computer. Read the full Symantec report here W32.Orpheus.A W32.Orpheus.A is a network-aware worm that opens a backdoor on the infected host. Payload:
Allows unauthorized remote access. Read the full Symantec report here W32.Mydoom.AJ@mm W32.Mydoom.AJ@mm is a mass-mailing worm that exploits Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability (BID 11515). It spreads by sending a link via email to the addresses that it finds on an infected computer. Payload: Allows unauthorized remote access. Read the full Symantec report here W32.Mydoom.AK@mm W32.Mydoom.AK@mm is a mass-mailing worm that exploits the Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability (as described in Bugtraq ID 11515). The worm also spreads by sending an email to addresses that it finds on the infected computer. Payload Trigger:
Allows unauthorized remote access. Read
the full Symantec report here
W32.Bofra.E@mm W32.Bofra.E@mm is a mass-mailing worm that exploits the Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability (as described in Bugtraq ID 11515). It spreads by sending the email addresses that it finds on an infected computer. Read the full Symantec report here W32.Beagle.AX@mm W32.Beagle.AX@mm is a mass-mailing worm that also spreads through file-sharing networks. The worm will open a backdoor on TCP port 2002. Large scale
e-mailing: Sends email to the addresses collected from an infected computer.
Read the full Symantec report here W32.Sober.I@mm W32.Sober.I@mm
is a mass-mailing worm that uses its own SMTP engine to spread by sending
itself as an email attachment to addresses gathered from the infected
computer. This threat is written in the Microsoft Visual Basic programming language and is compressed with UPX. Note: Live Update
definitions with sequence number 38560 or greater will detect this threat.
Read
the full Symantec report here
Trojan.Vundo Trojan.Vundo is a component of an adware program that downloads and displays pop-up advertisements. It is known to be installed by visiting a Web site link contained in a spammed email. Degrades
performance: Unauthorized process is running Read the full Symantec report here Get the Removal Tool here W32.Yanz.B@mm W32.Yanz.B@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses that it retrieves from the infected computer. Payload:
Downloads and executes a remote file. Read
the full Symantec report here
W32.Inzae.A@mm W32.Inzae.A@mm is a mass-mailing worm that uses its own SMTP engine to spread by sending itself as an email attachment. Large scale
e-mailing: Sends email to the addresses collected from an infected computer.
Read the full Symantec report here W32.Inzae.B@mm W32.Inzae.B@mm is a mass-mailing worm that uses its own SMTP engine to send itself to all the email addresses that it retrieves from the infected machine. Large scale
e-mailing: Sends email to the addresses collected from an infected computer.
Read
the full Symantec report here
W32.Garroch@mm W32.Garroch@mm is a simple worm that sends itself to all addresses it finds in the Microsoft Outlook address book. It also displays a picture and plays a sound emulating a human voice. Large scale
e-mailing: Sends itself to all addresses in the Microsoft Outlook address
book. Image:
Read the full Symantec report here Backdoor.Berbew.M Backdoor.Berbew.M is a Trojan horse that steals cached passwords from an infected computer. The Trojan also opens a back door allowing a remote attacker to have unauthorized access to the infected computer. Deletes files:
Deletes folders named 'system' Read the full Symantec report here W32.Salga.A@mm W32.Salga.A@mm is a mass-mailing worm that uses Microsoft Outlook to send itself to all the email addresses that it finds in the Outlook Address Book. It also attempts to spread through mIRC, file-sharing networks, and network shares. Large scale e-mailing: Sends itself to email addresses collected from files on the local system.Degrades performance: Mass-mailing may impact system performance. Read the full Symantec report here W32.Mugly.B@mm W32.Mugly.B@mm is a worm that uses its own SMTP engine to spread by sending itself as an email attachment. It also drops and runs a W32.Spybot.Worm variant. Large scale e-mailing: Sends itself to email addresses collected from files on the local system.Degrades performance: Mass-mailing may impact system performance. Subject of email: Hhahahah lol!!!!, Your Pic On A Website!!, Rate My Pic......., or You have an Admirer. Name of attachment: Attachment.zip Attached image:
Read the full Symantec report here
|
|
|
©
Copyright 1999 - 2004 The Computer Wizard
|
||||
