-
W32.Yaha.K@mm
W32.Yaha.K@mm is a variant of W32.Yaha.E@mm.
The worm terminates some antivirus and firewall
processes. It uses its own SMTP engine to
email itself to all contacts in the Windows
Address Book, the MSN Messenger, the .NET
Messenger, the Yahoo Pager, and all files
whose extensions contains the letters HT.
-
W32.HLLW.Winevar
A mass-mailing worm that disables some Antivirus
and Firewall programs and drops and executes
the W32.FunLove.4099 virus.
-
W32.Brid.A@mm
A mass-mailing worm that includes a slightly
modified variant of W32.FunLove.4099. When
it is executed, the worm attempts to insert
several files on the system, it copies these
files to the Windows desktop:
-
W32.Bugbear.A@mm
W32.Bugbear.A@mm is a mass-mailing worm. It
can also spread through Network shares. It
has backdoor capabilities. The worm will also
attempt to terminate the processes of various
antivirus and firewall programs.
When run, the worm copies itself to Windows
System directory with a random name (JFMV.EXE
for example) and adds a startup key for this
file to the Registry: [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce]
-
W32.Opaserv.A.Worm
This memory-resident worm propagates through
and across networks via shared C:\ drives.
This worm registers itself as a process and
repetitively scans for machines connected
to the network by incrementing the last octet
on the IP address of the infected system.
-
W32.Frethem.K@mm
W32.Frethem.K@mm is a mass-mailing worm, and
is a variant of W32.Frethem.E@mm. It uses
its own SMTP engine to send itself to email
addresses that it finds in the Microsoft Windows
Address Book and in .dbx, .wab, .mbx, .eml,
and .mdb files.
-
VBS.VBSWG.AQ@mm
VBS.VBSWG.AQ@mm is a VBScript worm that is
designed to send itself as ShakiraPics.jpg.vbs
to users of Microsoft Outlook or IRC. This
worm also overwrites .vbs and .vbe files with
its own code.
-
W32.Klez.H@mm
W32.Klez.H@mm is a new variant of W32.Klez.E@mm
worm. It is mass-mailing email worm that also
attempts to copy itself to network shares
for propagation.
-
W32.Mylife.B@mm
W32.Mylife.B@mm is a mass-mailing worm that
is written in Visual Basic. The worm uses
Microsoft Outlook to spread itself via email.
-
W32.Fbound.c@mm
W32.Fbound.c@mm is a mass-mailing worm. It
mails itself to all email addresses listed
in the infected user's Windows Address Book
(WAB).
-
W32.Gibe@mm
W32.Gibe@mm is a worm which arrives in a fake
Microsoft Security Update.
-
W32.Klez.E@mm
W32.Klez.E@mm is a new variant of W32.Klez.D@mm
worm. It is mass-mailing email worm that also
attempts to copy itself to network shares
for propagation.
-
W32.Yarner.A@mm
W32.Yarner.A@mm has its own SMTP emailing
engine which gets email addresses from the
Microsoft Outlook address book and .pl, .php,
.htm, .shtm, and .cgi files, storing them
in the file kernei32.daa.
-
W32.Myparty@mm
W32.Myparty@mm is a mass-mailing worm that
is written in Visual C++. It has a built-in
SMTP engine, which it uses to send itself
via email to all addresses listed in the infected
user's Windows Address Book and all addresses
within Outlook Express Inboxes and folders.
繁體版
