/virus/Network-Worms/ Network Worms zh-cn www.virus-Encyclopedia.com admin@yourmail.com /virus/InternetWorms/worms1657.html The kido worm family creates files autorun.inf and RECYCLED{SID<....>}RANDOM_NAME.vmx on removable drives (sometimes on public network shares) Net-Worm.Win32.kido.ir is a windows startup script (AUTORUN.INF file). The size of the file is bet 2011-01-09 Internet Worms http://www.securelist.com/ /virus/Network-Worms/other/worms1647.html Clippo.A puts a password to all the Office documents it finds in the computer and even in the removable drives, so that users cannot open them. This way users will have to enter a password when they want to open Word or Excel docum 2011-01-06 other worms http://www.pandasecurity.com/ /virus/Network-Worms/other/worms1641.html Visal.A carries out the following actions: It reduces the protection level of the affected computer, as it prevents many programs related to computer security from being run, like antivirus solutions and firewalls. It disables the foll 2011-01-06 other worms http://www.pandasecurity.com/ /virus/InternetWorms/worms1640.html MS10-061 is not categorized as virus, worm, Trojan or backdoor. It is a critical vulnerability in the Windows Print Spooler service on Windows 2008/7/Vista/2003/XP computers, which allows arbitrary code to be remotely execu 2011-01-06 Internet Worms http://www.pandasecurity.com/ /virus/InternetWorms/worms1639.html MS10-062 is not categorized as virus, worm, Trojan or backdoor. It is a critical vulnerability in MPEG-4 codec on Windows 2008/vISTA/2003/XP computers, which allows arbitrary code to be remotely executed in the vulnerable computer. There is 2011-01-06 Internet Worms http://www.pandasecurity.com/ /virus/InternetWorms/worms1638.html MS10-063 is not categorized as virus, worm, Trojan or backdoor. It is a critical vulnerability in the Unicode Script Processor on Windows 2008/Vista/2003/XP computers and on Office 2007/2003/XP, which allows arbitrary code to be 2011-01-06 Internet Worms http://www.pandasecurity.com /virus/InternetWorms/worms1627.html Additionally, it has backdoor characteristics, as it attempts to connect to an IRC channel in order to receive instructions from its creator, such as downloading files or launching denial of service attacks, among others. 2008-12-26 Internet Worms Virus Encyclopedia /virus/Network-Worms/other/worms1626.html MoonLight.V is a worm whose main objective is to spread and affect as many computers as possible. The means it uses to spread are the peer-to-peer (P2P) file sharing programs and email messages. 2008-12-26 other worms Virus Encyclopedia /virus/InternetWorms/worms1617.html The detected websitehosting malware can be found on the Internet on different domains, but the mechanism is always the same : display false adverts in order to trick the user into downloading and installing another malware which is a rogue antivirus 2008-12-20 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms1615.html The Adware.NaviPromo malware family is an advanced and difficult-to-detect adware that runs silently on the infected computer. It uses rootkit techniques to hide its files on disk and memory. It also hides its registry entries.This malware comes bund 2008-12-20 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms1614.html The detected websitehosting malware can be found on the Internet on different domains, but the mechanism is always the same : display false adverts in order to trick the user into downloading and installing another malware which is a rogue antivirus 2008-12-20 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms1613.html The detected websitehosting malware can be found on the Internet on different domains, but the mechanism is always the same : display false adverts in order to trick the user into downloading and installing another malware which is a rogue antivirus 2008-12-20 Internet Worms auther Virus Encyclopedia /virus/Network-Worms/Email/worms1262.html This is an Internet worm that spreads via e-mail as an attached EXE file. The worm itself is a Win32 executable file about 70Kb in length, and written in VisualBasic. The worm has many bugs, and in many cases (in all cases in any environment?), does 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1260.html This is the worm virus spreading via the Internet being attached to infected emails. The worm itself is Windows PE EXE file about 18Kb of length, written in Delphi.The infected messages have:Subject: About usBody:I have included a program which illu 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1257.html This is a virus-worm that spreads via the Internet attached to infected e-mails. The worm itself is a Windows PE EXE file 5632 bytes in length, and it is written in Visual Basic 6. It is packed by a UPX utility. After unpacking, it is about 16 Kb i 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1258.html This is a virus-worm that spreads via the Internet, attached to infected e-mails. The worm itself is a Windows PE EXE file about 4Kb in length and written in Assembler. The main worm code is compressed by a built-in aPLib data compression algorithm, 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1255.html This version of Bagle is unable to propagate independently. However, all other functionality indicates that it is a member of the Bagle family. This program was mass mailed using spamming technologies. The worm itself is a PE EXE file. The packed fi 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1256.html This Bagle variant is unable to replicate independently. However, all other functionality indicated that this worm is a member of the Bagle family. It was mass mailed using spamming technologies.The worm arrives as an attachment to infected messages 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1254.html Bagle.z is an Internet worm spreading as an infected email attachment.The worm is a PE EXE file about 20-22 KB.Bagle.z is packed with UPX and the unpacked file size is 55 KB.The body of the worm contains a new poem:In a difficult world In a nameless 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1251.html This worm spreads via the Internet as an attachment to infected messages. It sends itself to all email addresses found on the victim machine. It also spreads via P2P networks and shared network resources.The worm itself is a PE EXE file, 19KB or mor 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1249.html This Bagle variant is identical to the previous version except for the version of the packer used to compress the infected file.See the description of Bagle.at for details. 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1250.html This worm spreads via the Internet in an attachment to infected emails.The worm itself is a Window PE EXE file of approximately 15KB.Messages sent by the worm have the following characteristics:From:random senderSubject:HiBody:Test =)Signature:Test, 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1247.html This worm spreads via the Internet in the form of an attachment to infected emails.The worm itself is a PE EXE file of approximately 11KB, compressed using UPX. The size of the decompressed file is approximately 16KB.Characteristics of infected mess 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1245.html Bagle.al is a worm that spreads as an email attachment and via file sharing networks.The worm is written in Assembler.Bagle.al is made up of 2 main components:A ZIP file spreading as an email attachment; the body of the worm, which is downloaded fro 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1246.html This worm spreads via the Internet in the form of an attachment to infected emails.The worm itself is a PE EXE file of approximately 15KB, compressed using UPX. The size of the decompressed file is approximately 28KB.Characteristics of infected mess 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1243.html This worm spreads via the Internet as an attachment to infected messages and also via P2P networks.It is approximately 20 KB in size and packed using PEX.InstallationOnce launched, the worm copies itself to the Windows system directory as winxp.exe. 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1244.html This worm is almost identical to Email-Worm.Win32.Bagle.ai. It differs from Bagle.ai only in its size, the name of the file it creates, and the corresponding registry key. It creates a file named sysxp.exe, rather than winxp.exe. 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1241.html This worm spreads via the Internet as an attachment to infected messages. The worm itself is a PE EXE file of approximately 38KB, packed using UPX. The unpacked file is approximately 70KB in size.Characteristics of infected messagesSender's address 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1242.html This worm spreads via the Internet as an attachment to infected messages, and also via file-sharing networks.It is packed using UPX and PEX. The unpacked file is approximately 66KB in size.The file contains a ZIP archive which contains the complete 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1239.html This worm spreads via the Internet as a file attached to infected emails. The worm itself is a PE EXE file of approximately 17KB, packed using PEX. The unpacked file is approximately 27KB in size. Infected messages have the following characteristics 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1240.html This worm spreads via the Internet in the form of an attachment to infected emails.The worm itself is a PE EXE file of approximately 15KB, compressed using UPX. The size of the decompressed file is approximately 28KB.Characteristics of infected mess 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1237.html This worm spreads via the Internet as an attachment to infected messages. It sends itself to email addresses harvested from the victim machine.The worm is also able to download other files from the Internet without the user's knowledge or consent. 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1238.html This new member of the Bagle family closely resembles it's predecessor, Bagle.s. Infected emails also have empty subjects and message bodies.In Bagle.t the attachment is 8208 bytes in size. Bagle.t is compressed by FSG and the unpacked file is about 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1235.html Bagle.i is 12288 bytes in size, packed using UPX. The unpacked file is 49152 bytes in size.Like previous versions of Bagle, Bagle.i sometimes sends copies of itself in password protected ZIP format. In this case, the password is included in the body 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1236.html This worm spreads via the Internet as a file attached to infected messages. It also spreads via file-sharing networks.The worm is a PE EXE file of approximately 21KB, packed using PEX. The unpacked file is approximately 35KB in size.The worm also se 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1233.html This worm spreads via the Internet as an attachment to infected messages, and also via file sharing networks. It is packed using UPX; the size of the compressed file is 12843 bytes, and the size of the uncompressed file is 49707 bytes. The worm may 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1234.html This worm spreads via the Internet as an attachment to infected messages, and also via filesharing networks. It is packed using PEX; the size of the packed file is 22815 bytes, and the size of the unpacked files is 36629 bytes. However, the worm may 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1231.html This version of Bagle is unable to propagate by itself. However, all other functions are the same as other worms from the Bagle family. According to Kaspersky Labs' classification, this worm is the 'intended' version.This worm is almost identical 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1229.html This worm spreads throughout the Internet via carrier email and file-sharing networks. The carrier email does not contain the worm itself, but a script Trojan which downloads the worm from the Internet. The worm is coded to infect executable files.T 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1230.html This file is a polymorphic dropper, which sends infected messages and infected files. The encryption algorithm used means that the size of the file varies. Characteristics of infected messages: Sender's address (chosen at random from the list below 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1227.html This worm is practically identical to I-Worm.Bagle.p; it differs in that a different algorithm is used to encrypt the worm's code. 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1224.html This is a worm spreading under Win32 systems. The virus sends e-mail messages with infected attached files, as well as installs a spying Trojan component to steal information from infected systems. The worm was discovered in-the-wild on April 12 200 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1226.html This is a worm that spreads under Win32 systems. The virus sends e-mail messages with infected files attached, as well as installs a spying Trojan component to steal information from infected systems. The worm was discovered in-the-wild in November 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1223.html This is a worm virus spreading via the Internet being attached to infected emails and through local network by copying itself to shared network drives. The worm has password stealing routines.The worm itself is a Windows PE EXE file written in Micros 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1221.html This worm spreads via the Internet as an attachment to infected messages. The worm itself is a Windows PE EXE file approximately 11KB in size. It is packed using FSG, and the unpacked file is approximately 25KB in size.Infected messagesMessage subje 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1222.html This is a Win32 worm that spreads by sending itself via e-mail to the recipients in a victim's Outlook Address book.When launched on a 'clean' PC, the worm copies itself to %SYSTEM%\Setup30.exe. The worm also writes an auto-start key, so it will 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1219.html This worm spreads via the Internet as an attachment to infected messages. It sends itself to email addresses harvested from the victim machine.The worm is a Windows file, written in Borland Delphi. It is approximately 410KB in size.InstallationThe w 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1220.html This is a virus-worm that spreads via the Internet as an attachment to infected e-mails.Also known as Readme. The worm itself is a Windows PE EXE file about 25Kb in length and written in Visual Basic Script.The infected messages contain the followi 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1217.html This is a virus-worm that spreads via Internet channels being attached to e-mail messages as the ULTRA.EXE Windows executable file. This worm is related to I-Worm_Suppl. The worm has a very dangerous payload: within one week following computer infec 2008-12-03 Email Worms admin Virus Encyclopedia /virus/Network-Worms/Email/worms1218.html This is the worm virus spreading via the Internet being attached to infected emails. The worm itself is a Windows PE EXE file about 462Kb of length (or about 186Kb in UPX packed form), written in Delphi.The message has followed fields:Subject:ANTS V 2008-12-03 Email Worms admin Virus Encyclopedia