/virus/InternetWorms/ Network Worms / Internet Worms zh-cn www.virus-Encyclopedia.com admin@yourmail.com /virus/InternetWorms/worms1657.html The kido worm family creates files autorun.inf and RECYCLED{SID<....>}RANDOM_NAME.vmx on removable drives (sometimes on public network shares) Net-Worm.Win32.kido.ir is a windows startup script (AUTORUN.INF file). The size of the file is bet 2011-01-09 Internet Worms http://www.securelist.com/ /virus/InternetWorms/worms1640.html MS10-061 is not categorized as virus, worm, Trojan or backdoor. It is a critical vulnerability in the Windows Print Spooler service on Windows 2008/7/Vista/2003/XP computers, which allows arbitrary code to be remotely execu 2011-01-06 Internet Worms http://www.pandasecurity.com/ /virus/InternetWorms/worms1639.html MS10-062 is not categorized as virus, worm, Trojan or backdoor. It is a critical vulnerability in MPEG-4 codec on Windows 2008/vISTA/2003/XP computers, which allows arbitrary code to be remotely executed in the vulnerable computer. There is 2011-01-06 Internet Worms http://www.pandasecurity.com/ /virus/InternetWorms/worms1638.html MS10-063 is not categorized as virus, worm, Trojan or backdoor. It is a critical vulnerability in the Unicode Script Processor on Windows 2008/Vista/2003/XP computers and on Office 2007/2003/XP, which allows arbitrary code to be 2011-01-06 Internet Worms http://www.pandasecurity.com /virus/InternetWorms/worms1627.html Additionally, it has backdoor characteristics, as it attempts to connect to an IRC channel in order to receive instructions from its creator, such as downloading files or launching denial of service attacks, among others. 2008-12-26 Internet Worms Virus Encyclopedia /virus/InternetWorms/worms1617.html The detected websitehosting malware can be found on the Internet on different domains, but the mechanism is always the same : display false adverts in order to trick the user into downloading and installing another malware which is a rogue antivirus 2008-12-20 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms1615.html The Adware.NaviPromo malware family is an advanced and difficult-to-detect adware that runs silently on the infected computer. It uses rootkit techniques to hide its files on disk and memory. It also hides its registry entries.This malware comes bund 2008-12-20 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms1614.html The detected websitehosting malware can be found on the Internet on different domains, but the mechanism is always the same : display false adverts in order to trick the user into downloading and installing another malware which is a rogue antivirus 2008-12-20 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms1613.html The detected websitehosting malware can be found on the Internet on different domains, but the mechanism is always the same : display false adverts in order to trick the user into downloading and installing another malware which is a rogue antivirus 2008-12-20 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms178.html SQL.Spida.b is a new version of the worm SQL.Spida.a.Unlike the previous variant, SQL.Spida.b became quite widespread especially in Far Eastern Asian countries.When comparing "b" to "a", "b" was improved not to use the sqlpoke clone, and inste 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms176.html Inqtana is a Mac OSX worm that spreads via Bluetooth. It propagates by sending anObject Exchange (OBEX) Push data transfer request to the potential victim machine. If the user accepts the request, the worm exploits a Bluetooth File and Object Exchan 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms174.html Cabir is the first network worm capable of spreading via Bluetooth; it infects mobile phones which run Symbian OS.A wide range of phones from a number of manufacturers use this technology. It is clear that Nokia 3650, 7650 and N-Gage phones can all 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms172.html This worm spreads via the Internet using machines infected by I-Worm.Mydoom.m and penetrates victim machines via the backdoor installed by Mydoom.mIt is also programmed to conduct a DoS attack on www.microsoft.com.The worm is approximately 5760 byte 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms173.html This worm is programmed for mobile phones running Symbian OS.The worm itself is an SIS file named caribe.sis. The file is 17596 bytes in size.The file contains three other files:caribe.app: approximately 14440 bytes in size flo.mdl: approximately 25 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms171.html This worm propagates by copying its body to floppy disk in the guise of Microsoft Word documents.The worm itself is a Windows PE EXE file 65042 bytes in size, written in Delphi and packed using ASPack. The unpacked file is 132608 bytes in size.Insta 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms168.html This is a network worm. It replicates via shared network resources. The worm itself is a Windows PE EXE file, 49152 bytes in size. It is compressed by UPX and its decompressed size is about 219 KB. It is written in Borland Delphi. InstallingWhen ins 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms169.html This malicious program is a worm.It is a Windows PE EXE file.It is 67,072 bytes in size. Installation When launched, the worm copies its executable file to the Windows root directory:%WinDir%\Logo1_.exe The worm also extracts the following file fro 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms166.html Sluter is a worm virus that spreads over Win32 networks through shared resources.The worm is a Windows PE EXE file about 18KB in length (when compressed by UPX, the decompressed size is about 45KB). It is written in Microsoft Visual C .When the inf 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms164.html This worm spreads via Skype.Infected messages will be sent to all Skype contacts on the victim machine. The worm is a Windows PE EXE file.The file is 188,416 bytes in size. It is written in C . Installation In order to hide its functionality from 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms165.html This is a multi-component network worm. The worm spreads over shared network resources. The worm has bugs and has a little chance to spread over networks.The worm's components are:cnn3.exe- the main component (Win32 EXE file about 350K of size)abc.b 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms163.html This is a network worm spreading over local and global networks. To spread, the worm connects to remote computers, and if the disk is shared for full access, the worm copies itself there to the Windows startup directory (if it exists). The worm also 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms160.html "Randex" is a group of worms that spread over Win32 networks (local and global) through shared resources.The worms are Windows PE EXE files that appear under several names (see name ist below). Randex worms are written in Microsoft Visual C .A Ra 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms161.html Randon is a Virus-Worm distributed via IRC-channels and LANs with shared resources.When executed this worm installs its components into the subdirectory zxz and/or zx in the Windows system directory and registers its main file and the mIRC client in 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms159.html This network worms infects computers running Windows. It spreads via network resources with poor password protection.The worm itself is a Windows PE EXE file, 69KB or greater in size, packed using FSG. The unpacked file is 194KB or greater in size. 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms155.html This worm infects computers running under Windows.It spreads via poorly protected network resources.The worm itself is a PE EXE file. It is written in Microsof Visual C . The file is approximately 37KB in size.It is not packed in any way.Installati 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms156.html This worm copies itself and other malicious programs to system folders. It is a Windows PE EXE file.It is 1 221 bytes in size.It is packed using MEW. The unpacked file is approximately 98KB in size. Installation When launched, the worm copies its e 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms158.html This network worms spreads via network resources with poor password protection. The worm infects computers connected to the Internet, running Windows, which have Remote Administrator installed and weak password protection. The worm itself is a Windo 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms154.html It is not a dangerous Win32 worm virus. The virus itself is Windows PE EXE file about 51Kb of length, written in Microsoft Visual C . The virus copies itself to C:\WinNT directory with the "noplease_flash_movie.exe" name, then spreads with the sa 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms152.html Netres is a dangerous worm virus that functions only under Win32 systems. The worm spreads over local networks and copies itself to shared network drives. Some versions of the worm also copy themselves to subdirectories on the local drive and to flo 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms149.html This worm spreads via the Internet, propagating via a vulnerability in the FTP server of Worm.Win32.Sasser.Only computers which have already been infected by Sasser are vulnerable to Lemoor.Lemoor is written in Assembler, and is packed using FSG. Th 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms150.html It is not a dangerous Win32 worm virus. The virus itself is Windows PE EXE file about 17Kb of length, written in Microsoft Visual C . The virus is compressed by UPX, decompressed size is about 41K.The virus enumerates network resources and copies it 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms147.html Ladex is a network worm, it is efficient only under Windows NT/2000/XP and it is distributed on local area networks. It is a Windows (PE EXE) file about about 275K in size and is written in Microsoft Visual C .InstallationUpon being launched the wor 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms148.html This is an Internet worm that spreads through vulnerable machines. The worm works under Win32 systems only. The worm functionality is based on a special script language that allows a remote host to manage infected machines. The worm also is able (du 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms143.html This worm spreads on the hard disk of the victim machine and to write-accessible network resources.It is a Windows PE EXE file.Modifications of this program may vary in size from 26KB to 129KB. The program may be packed with a range of packers. Ins 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms144.html Grexon is local area network (LAN) worm. In copies itself to logical drives (local and network), as well as encodes network resources where it copies itself. The worm file size is about 7KB.When the worm is run it copies itself to the Windows tempora 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms145.html This is a local network worm that spreads on Win32 systems. The worm itself is a Win32 executable file about 60K in length, and it is written in MS Visual C . The known worm version is encrypted by PELock Win32 EXE file protection tool.The spreadin 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms140.html Worm.Win32.Feebs.gen is the detection for a number of variants in this family of Internet worms. Worms from the Feebs family spread as an attachment to infected messages and also via file-sharing networks.Worms from the Feebs family are capable of t 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms142.html Fleming is a malicious program that steals CD-Key information from the "Counter-Strike" and "Half-Life" games. It invites users to download this trojan program using Windows (.NET) Messenger. It also tries to download and install other malicious 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms139.html This worm spreads via the Internet as an attachment to infected messages, and via file-sharing networks.It sends itself to email addresses harvested from the victim machine.The worm itself is a PE EXE file approximately 55KB in size.InstallationOnce 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms136.html This worm spreads via the Internet as an attachment to infected messages. It sends itself to email addresses harvested from the victim machine.The worm itself is a Windows PE EXE file approximately 30KB in size, packed using MEW. The unpacked file i 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms137.html This worm propagates by creating copies of itself on local disks and write-accessible network resources.The worm is a JavaScript script (an HTML file).It is 4 612 bytes in size. Payload 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms135.html This worm spreads via the Internet, using computers infected by I-Worm.Mydoom.a and I-Worm.Mydoom.b to propagate. It is approximately 35KB in size, compressed using UPX. The size of the decompressed file is approximately 43 KB.InstallationOn launchi 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms132.html This is a network worm with Internet spreading ability. When the worm is run on a system for the first time, it installs itself. To do this, it copies itself to the Windows system directory with the WINMINE.EXE name and with the CHAINSAW.EXE name in 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms133.html This is a network worm. It replicates via shared network resources. The worm consists of 3 different files:MSVXD.EXE MSVXD16.DLL MSVXD32.DLLThe first component, MSVXD.EXE activates the worm by loading the MSVXD16.DLL library. In turn, MSVXD16.DLL lo 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms130.html This program is a PE EXE worm (Win32 application). It infects Win9x machines with open file shares. This worm propagates by randomly selecting an arbitrary IP address and attempting to connect to the "C" file share on that machine. If it is succes 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms128.html This is a very dangerous Win32 virus-worm. The virus itself is Windows PE EXE file about 23Kb in length (compressed by UPX, with a decompressed size about 52K), and written in Microsoft Visual C . It spreads via the local network, and infects Win3 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms129.html The Busan worm spreads through networks by copying itself to all accessible network resources. The worm is a Windows application (PE EXE-file) that is compressed with UPX and has a size 14KB. Its code is written in the C programming language.When 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms126.html This worm uses the Internet instant messaging system ICQ to spread via the Internet.The worm sends ICQ users a message with a URL, which is linked to a file which contains procedures to automatically download and execute the malicious component of t 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms125.html This worm creates copies of itself on removable storage media.It is a Windows PE EXE file.It is 73728 bytes in size. Installation Once launched, the worm copies its executable file to the Windows system directory:%System%\ssmicrco.scr Propagation T 2008-11-03 Internet Worms auther Virus Encyclopedia /virus/InternetWorms/worms122.html This worm creates copies of itself on local disks and write-accessible removable disks.It is a Windows PE EXE file.It is packed using UPX.The size of infected files may vary from 220KB to 275KB. Installation When launching, the worm copies its execu 2008-11-03 Internet Worms auther Virus Encyclopedia