List of Viruses

1. W32.NetSky.
D@mm
...W32.Netsky.D@mm is a mass-mailing worm that sends itself to email addresses it gathers from infected
computers.Actions done by this mailware when run: - copy itselfs into windows using "winlogon.exe" name
and adds it to startup using registry key:&n...
2. Trojan.HTML.Zlob.AA
...ware has an entire network of spreading using the method described. Here are two of sites that contain
this kind of actions : hot-pornotube2008.com , porn-youtube-8.com....
3. Win32.Gibe.B@mm
...you sure you want to cancel? Spreading through Kazaa: The worm finds Kazaa shared folder through the
registry, and copies itself there. It can also create a new shared folder, through the registry, located in
Windows\Temp folder and put a copy of itself there. S...
4. Win32.P2P.Lorrin.A@mm
...The worm spreads itself via email, attached as mentioned before and also by sharing itself through the
most common P2P programs as follows: eDonkey 2000 Gnucleus ICQ KaZaA LimeWire Morpheus Grokster
It copies itself in listed below folders: \edonkey2000\incoming...
5. Trojan.JS.Downloader.ABN
...This JavaScript trojan downloads and executes malware from http://ybrvhgwuzc.biz by taking advantage
of the Internet Explorer vulnerabulity presented in MS06-057 bulletin. It only affects unpatched systems....
6. Trojan.Downloader.Vb.OC
...Trojan.Downloader.Vb.OC is a component of another malware , Winks Installer which disguises itself as a
a patch for MSN Messenger to add new emoticons.It downloads updates from these
links:http://monkey.t35.com/winks/org_jap/[REMOVED]http://monkey.t35.com/winks/or...
7. Win32.Worm.Welchia.F
...This is a recompiled bugfix version of Win32.Welchia.B, with no interesting new features. A description of
Win32.Welchia.B is available at http://www.bitdefender.com/bd/site/virusinfo.php?menu_id=1&v_id=192...
8. Win32.MyDoom.AE@mm
..., www.symantec.com. E-mail spreading The e-mail spreading engine is classic. The worm harvests e-
mail addresses from files likely to contain them across the hard disk drive. It avoids to send infected e-mail
messages to servers that contain one of the string...
9. Win32.Manymize.A@mm
...s is an Internet worm that is spreading using two different exploits. The first is Iframe exploit and it allows
the worm to be executed when the user previews the e-mail. The second one allows a script to be executed
from a .wmv file (Windows Media File). It a...
10. Trojan.Dropper.Delf.HS
...esses. The variant having a higher spread comes with an embeded IM worm which is detected as
Win32.Worm.Potos.A . It drops the worm as %system%\sysprinters.dll and then a copy of the whole
package as %windir%\myalbum2007.zip. The worm will run as a remote thre...
11. Win32.Worm.Welchia.B
...The worm comes by exploiting one of the following: 1. DCOM RPC vulnerability described in MS03-026
bulletin 2. WebDav vulnerability described in MS03-007 bulletin 3. Workstation Service vulnerability
described in MS03-049 bulletin When infecting a machine, it co...
12. Win32.Worm.Welchia.F
...This is a recompiled bugfix version of Win32.Welchia.B, with no interesting new features. A description of
Win32.Welchia.B is available at http://www.bitdefender.com/bd/site/virusinfo.php?menu_id=1&v_id=192...
15. Win32.Js.Yamanner.A@mm
... This is a script written in Javascript that arrives on the user's computer in an email that appears to be
sent from av3@yahoo.com having the following subject: "New Graphic Site" and body "this is a test". When
this email...
16. Win32.P2P.Lorrin.A@mm
...The worm spreads itself via email, attached as mentioned before and also by sharing itself through the
most common P2P programs as follows: eDonkey 2000 Gnucleus ICQ KaZaA LimeWire Morpheus Grokster
It copies itself in listed below folders: \edonkey2000\incoming...
17. Win32.Bagle.BD - BG @mm

...The files come packed with PeX, a popular PE file encryption utility. PeX-compressed/encrypted files are
fairly easy to decrypt / unpack, although PeX makes use of many tricks, like generating exception (after it
has previously set up an exception handler), anti-...
18. Trojan.JS.Downloader.ABN
...This JavaScript trojan downloads and executes malware from http://ybrvhgwuzc.biz by taking advantage
of the Internet Explorer vulnerabulity presented in MS06-057 bulletin. It only affects unpatched systems....
19. Adware.PlayMP3z.B
...This application is meant to "collect" personal information from the clients computer and use it in marketing
or suspicious practices. When executed the adware displays a pop-up with the EULA (as seen in the above
screenshot).After the user clicks "...
20. Adware.PlayMp3z.A
...This application is meant to take personal information from the clients computer and use it in marketing or
suspicious practices. When executed the adware displays a pop-up with the EULA. After that it creates the
following files :%windows%\system32\mtrepair2.exe%...
22. Win32.Bagle.BD - BG @mm

...The files come packed with PeX, a popular PE file encryption utility. PeX-compressed/encrypted files are
fairly easy to decrypt / unpack, although PeX makes use of many tricks, like generating exception (after it
has previously set up an exception handler), anti-...
24. Win32.Apost.A@mm
...of e-mail is: After this spreading routine, the virus displays the following window, waiting for the user to
click the button Open: When the user click the button, it shows a fake error message: Also the virus
executes again the spreading routine an...
25. Win32.BugBear.A@mm
...s is an Internet worm that is spreading trough e-mail. The infected e-mail has the following characteristics:
Subject: Randomly selected from: Hello! update hmm.. Payment notices Just a reminder Correction of errors
history screen Announcement various Int...
26. Win32.IISWorm.CodeRed.F
...MS01-033.asp The worm begins spreading itself by sending HTTP queries. Unpatched machines will
execute the worm code directly from memory. Once executed, the worm scans kernel32.dll 's export table
for the GetProcAddress function and then finds the addresses...
27. VBS.Cuerpo.A@mm
...ed script is executed and the spreading routine is activated. First the virus drops some various files and
then will reply to user's e-mails modifying the body of mails to itself. Also the virus send e-mails to user's
contacts from all Address-Books. T...
28. Win32.P2P.Poit.A
...l.boy.tits.ass.lolita.illegal.high.school.voyeur(1)
Teen.Girl.Gets.Fucked.With.Cock.In.Pussy.And.Sucks.French.Cumshot.
(Blowjob).Ass.Anal.Lesbian.Dildo.Cunt.Porno.Dick.Xxx.A Birthday.Parties.(Home.Movie .Mpg .Self-
Extracting)....Incest.Xxx.Fuck.Porn.Sex.Fisting...
29. Win32.Apbost.A@mm
...hod of infection specific for high-level language viruses and because of the presence of some major bugs
in the virus code the infected system becomes unstable relatively quick and has high probability of failure in
booting the system....
30. Win32.Ivrol.A@mm
...Donkey and Kazaa. It's spreading using this format: Subject (may be one of the following): -------
congratulations! darling. eager to see you. honey! how are you ? lets be friends! meeting notice. please try
again questionnaire some questions?! ...
31. Win32.Klez.H@mm
...is the most common world-wide spreading worm. It's very dangerous by corrupting your files. Because of
its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it. We
developed this free immunity tool to defeat the...
32. Win32.Rechnung.A@mm
...ealth capabilities and varied spreading methods. At startup, the virus copies itself to the %sysdir%
directory under the name “winldr.exe”. However, the virus is not run like an ordinary process. Instead, it
injects itself in svchost.exe and runs the ...
33. Win32.P2P.Poit.A
...l.boy.tits.ass.lolita.illegal.high.school.voyeur(1)
Teen.Girl.Gets.Fucked.With.Cock.In.Pussy.And.Sucks.French.Cumshot.
(Blowjob).Ass.Anal.Lesbian.Dildo.Cunt.Porno.Dick.Xxx.A Birthday.Parties.(Home.Movie .Mpg .Self-
Extracting)....Incest.Xxx.Fuck.Porn.Sex.Fisting...
34. Win32.Mydoom.B@mm (Win32.Novarg.B@mm)

...of March 2004, the worm stops spreading, but the backdoor remains installed and listening. A copy of the
virus named EXPLORER.EXE is created in the Windows System folder and the registry entry is created, so
that Windows will load the worm each time: HKEY_LOCAL_...
35. VBS.Cuerpo.A@mm
...ed script is executed and the spreading routine is activated. First the virus drops some various files and
then will reply to user's e-mails modifying the body of mails to itself. Also the virus send e-mails to user's
contacts from all Address-Books. T...
36. Win32.Apbost.A@mm
...hod of infection specific for high-level language viruses and because of the presence of some major bugs
in the virus code the infected system becomes unstable relatively quick and has high probability of failure in
booting the system....
37. Win32.Apost.A@mm
...of e-mail is: After this spreading routine, the virus displays the following window, waiting for the user to
click the button Open: When the user click the button, it shows a fake error message: Also the virus
executes again the spreading routine an...
38. Win32.Ivrol.A@mm
...Donkey and Kazaa. It's spreading using this format: Subject (may be one of the following): -------
congratulations! darling. eager to see you. honey! how are you ? lets be friends! meeting notice. please try
again questionnaire some questions?! ...
39. Win32.IISWorm.CodeRed.F
...MS01-033.asp The worm begins spreading itself by sending HTTP queries. Unpatched machines will
execute the worm code directly from memory. Once executed, the worm scans kernel32.dll 's export table
for the GetProcAddress function and then finds the addresses...
40. Win32.BugBear.A@mm
...s is an Internet worm that is spreading trough e-mail. The infected e-mail has the following characteristics:
Subject: Randomly selected from: Hello! update hmm.. Payment notices Just a reminder Correction of errors
history screen Announcement various Int...
41. Win32.Parite.A/B/C
...y, and does not use email for spreading. Versions A and B are mostly the same, while version C uses a
somewhat tricky method of encrypting the original PE file’s entry point. Infected files have the last section’s
name consisting of 3 randomly chosed ...
42. Win32.Myparty.A@mm
... EXE it will start the e-mail spreading routine. If something goes wrong or the date is not between 01-25-
2002 and 01-29-2002 it will try to rename itself in C:\RECYCLED with a random name in the following
format: F-x-x-x-x.exe where x is a random number. If e...
43. Win32.Refoav.A@mm
...ername foavre. In addition to spreading, the worm saves information about the registered user name and
company, and email addresses into the file c:\datospc.dat and attempts to send the file to the virus writer
(the address is defecto@hotmail.com). If this routine...
44. Win32.Swen.A@mm
... SMTP server, etc. KaZaa spreading: the worm also gets the shared KaZaa directory and copies itself
there with the following names: 'Virus Generator', 'Magic Mushrooms Growing', 'Cooking with Cannabis',
'Hallucinogenic Scre...
45. Win32.Sobig.B@mm (Palyh)

...st of May 2003 the worm stops spreading but it still infects the machine where it is executed. The virus
has been renamed from Win32.Palyh.A@mm into Win32.SoBig.B@mm, as it belongs to the SoBig family....
46. Win32.Msblast.B
...me strings changed, namely: Spreading file is %SYSTEM%\\teekids.exe (e.g. C:\Windows\System32)
Target registry key is: [HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Inet Xp..] Unused
strings are now: “Microsoft can s*** my left t***...
47. CodeBlue
...rectory traversal exploit for spreading. The Worm sends a malformed GET request to the target server.
This allows it to download an IIS extension named httpex.dll to that server. After that it sends a GET
command on the same server in this way allowing the already...
48. Win32.Worm.Antinny.BJ
...g:.doc.xls.mdb.ppt.dbx.eml10. Spreading and information theft:Creates a zip file in shared %WINDOWS
%\UP\ folder:%WINDOWS%\UP\[ÄEÉl] user_name(date_of_infection-time_of_infection)(random japanese
characters).zipthat contains a copy of the worm (random j...
49. JS.Blackworm.A
...ave a payload, and it is only spreading. ...
50. Win32.Rays.H
...Windows starts. The virus is spreading thru floppy disks and sharing (mainly because of folder.htt that is
executed whenever a user opens that directory from explorer.exe)...
51. Win32.MyDoom.AH@mm, Win32.MyDoom.AG@mm

...1515) beside the mass mailing spreading routines. This is how the buffer overflow vulnerability gets
exploited: The worm comes in e-mail messages; these e-mail messages may contain links to "FREE ADULT
VIDEO! SIGN UP NOW!" or "Look at my homep...
52. Win32.Msblast.C
...ome strings changed, namely: Spreading file is %SYSTEM%\penis32.exe (e.g. C:\Windows\System32)....
53. Win32.LovGate.G/H/J/K@mm
...ique is classic, at least for high level language programs : a special temporary file is created, and then a
loader, the original file and the worm itself are written to the temporary file. When (and if) the infection
process went ok, the worm deletes the original...
54. Win32.Klez.A@mm
...s an Internet worm capable of spreading through the local network also. The infected mails include the
virus as attachment with a random name (but with an .exe extension). The email has the follwoing format:
Subject: Hello How are you? Can you help me? We ...
55. Win32.Klez.D@mm
...at as its predecessors). The spreading routine is slightly modified and it contains a bigger list of fake e-
mail addresses. Also the author added a routine which attempts to clean from memory the viruses:
Win32.Nimda, I-Worm.SirCam, CodeRed and CodeBlue. It carr...
56. Win32.Yahaa.K@mm
...is the most common world-wide spreading worm.It's very dangerous by corrupting your files. Because of
developed this free immunity tool to defeat the ...
57. Win32.Yahaa.P@mm/Q@mm
...is the most common world-wide spreading worm.It's very dangerous by corrupting your files. Because of
developed this free immunity tool to defeat the ...
58. Win32.Sobig.B@mm (Palyh)

...st of May 2003 the worm stops spreading but it still infects the machine where it is executed. The virus
has been renamed from Win32.Palyh.A@mm into Win32.SoBig.B@mm, as it belongs to the SoBig family....
59. Win32.Shoho.A@mm
... the Iframe vulnerability for spreading when user is previewing the e-mail. A patch and more details for
this vulnerability can be found at: http://www.microsoft.com/technet/security/bulletin/ms01-027.asp After the
virus is executed it will copies itself as Winl0...
60. Win32.Sobig.F@mm
...gh network shares. It stops spreading after 10.09.2003....
61. Win32.Gone.A@mm
...file is responsible with Mirc spreading. After that it takes all e-mail addresses from Outlook address book
and it will send itself to all those addresses in the same format as it arrives. When it finishes to send trough
e-mail it will see if ICQ is loaded and i...
62. Win32.Invalid.A@mm
...al information so, there is a high possibility that you have this certificate installed. To avoid of being
attacked by hackers, please download and install the attached patch. It is strongly recommended to install it
because almost all users have this certificate ...
63. Win32.Elkern.A
...ting the local network. The spreading potential of the virus is increased because the virus is also
transmitted by the Win32.Klez.A@mm worm, which is a mass-mailer and network infector. In order to make
detection more difficult, the virus uses some of its body...
64. Win95.CIH
...er Windows 9x systems. It was spreading silently and became in the wild, without showing any payload
until the date of 26 April when it writes garbage in the Flash memory and destroys the boot sectors. There
are known many versions of this virus, some of them with...
65. Win32.Cydog.C@mm
...es\Edonkey2000\Incoming Mirc spreading: it drops script.ini file in Mirc folder and attemtps to send
Magical-Screensaver.scr to all users in the current channel. It finds Mirc folder by following the registry key
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Cu...
66. Win32.Worm.Korgo.R
...reates three threads used for spreading and checking for updates - chosses a random port between 257
and 8191 excluding all multiples of 256 on which it creates a pseudo HTTP server managed by a new thread
- using the HTTP server the successful exploit fetches and...
67. Win32.Worm.Korgo.P
...reates three threads used for spreading and checking for updates - chosses a random port between 257
and 8191 excluding all multiples of 256 on which it creates a pseudo HTTP server managed by a new thread
- using the HTTP server the successful exploit fetches a...
68. Win32.Klez.D@mm
...at as its predecessors). The spreading routine is slightly modified and it contains a bigger list of fake e-
mail addresses. Also the author added a routine which attempts to clean from memory the viruses:
Win32.Nimda, I-Worm.SirCam, CodeRed and CodeBlue. It carr...
69. Win32.Kitro.A@mm
...This is an Internet worm spreading through e-mails to all the contacts in the .NET Messenger Service.
The file is an executable compressed with UPX, programmed in Delphi, with the uncompressed size of
about 500K. The file comes as an attached file named psycho.sc...
70. Win32.Worm.Korgo.A,B
...ASS Windows vulnerability for spreading. http://www.microsoft.com/technet/security/bulletin/MS04-
011.mspx Once run, the worm will do the following: 1. Attempts to delete Go.exe from current location 2.
Creates the mutexes: variant A: r10, rocket10 varia...
71. Win32.Bagle.AY@mm
...t .dhtm .jsp It has some P2P spreading capabilities, the same it uses since early versions: it searches
folders that contain the string "shar" and copies itself there under the following names: 1.exe 2.exe 3.exe
4.exe 5.scr 6.exe 7.exe 8.exe 9.exe 10.e...
72. VBS.Plan.B
... is extremely aggressive when spreading in the network. Once the attachment is executed, the virus
copies itself in three files on the system, "LINUX32.vbs" and a vbs file with a random name in system folder
("C:\\Windows\System" or "C:...
73. Win32.Anset.A@mm
...nstalled, the worm starts its spreading routine. The virus creates a list of e-mails from Outlook's Address
Book and from all the files in drive C: with the extension one of: .php .htm .shtm .cgi .pl where it looks for the
string mailto:. Also it rea...
74. VBS.LoveLetter.A
copies itself in three files on the system, "MSKernel32.vbs" and "LOVE-LETTER-FOR-YOU.TXT.vbs" in
system folder ("C:\Windows\System&...
75. Trojan.Dialer.FU
...r program which tries to dial high-cost numbers using your modem. When it is run for the first time, it may
create a new folder on drive C and drop there some other components, including a DLL file, some Java
Script files, a HTML file (which is loaded when the ex...
76. Trojan.Dialer.EG
...graphic material by dialing a high-cost number.When first run, creates a directory with the same name as
the executable used to launch the program under %ProgramFiles%\Montorgueil\ where it copies itself(i.e.: if
the user starts MyDialer.exe, then the trojan will ...
77. Win95.CIH
...er Windows 9x systems. It was spreading silently and became in the wild, without showing any payload
until the date of 26 April when it writes garbage in the Flash memory and destroys the boot sectors. There
are known many versions of this virus, some of them with...
78. Win32.Cydog.C@mm
...es\Edonkey2000\Incoming Mirc spreading: it drops script.ini file in Mirc folder and attemtps to send
Magical-Screensaver.scr to all users in the current channel. It finds Mirc folder by following the registry key
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Cu...
79. Win32.Blondy.A@mm
..., called W32.Roro@mm. It is a high risk worm and it's using IRC and internet pages to infect computers.
The virus deletes movies, music and system files. Due to the significant increase of infected users, Microsoft
Corporation, with the collaboration of McAfe...
80. Win32.Bagle.A@mm
...s is an Internet worm that is spreading trough e-mail. It arrives in the following format: Subject: Hi Body:
Test =) %randomstring% Test, yep. Attachment: %randomstring%.exe where %randomstring% is a
randomly generated string. When the user opens the att...
81. Win32.Gael.3666
...ich uses multiple methods for spreading: By infecting executable files By scanning for machines which
have not been patched Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability The worm
tries to download a...
82. Win32.Bagle.BJ@mm
...cts and attachment names. The spreading was done manually, not by the worm itself. When ran, the
worm opens a notepad windows with the text: \"Sorry.\" and drops two files in the Windows/System32
directory: WINSHOST.EXE WIWSHOST.EXE The first file (WI...
83. Win32.Sober.AD@mm
...t’s own SMTP engine for spreading via e-mail. The possible mail subject includes one of the following :
Ihr Passwort Account Information SMTP Mail gescheitert Mailzustellung wurde unterbrochen Ermittl u...
84. VBS.LoveLetter.A
copies itself in three files on the system, "MSKernel32.vbs" and "LOVE-LETTER-FOR-YOU.TXT.vbs" in
system folder ("C:\Windows\System&...
86. Trojan.Dialer.FU
...r program which tries to dial high-cost numbers using your modem. When it is run for the first time, it may
create a new folder on drive C and drop there some other components, including a DLL file, some Java
Script files, a HTML file (which is loaded when the ex...
87. Win32.Bagle.AY@mm
...t .dhtm .jsp It has some P2P spreading capabilities, the same it uses since early versions: it searches
folders that contain the string "shar" and copies itself there under the following names: 1.exe 2.exe 3.exe
4.exe 5.scr 6.exe 7.exe 8.exe 9.exe 10.e...
88. VBS.Plan.B
copies itself in three files on the system, "LINUX32.vbs" and a vbs file with a random name in system folder
("C:\\Windows\System" or "C:...
89. Win32.Sober.T@mm
...e email addresses for further spreading, it searches through files with the following extensions: pmr phtm
stm slk inbox imb csv bak imh xhtml imm imh cms nws vcf ctl dhtm cgi pp ppt msg jsp oft vbs uin ldb abc pst
cfg mdw mbx mdx mda adp nab fdb vap dsp ade sl...
90. Backdoor.Sticy.B
...", etc. To achieve network spreading, the worm has a long list of passwords, and it tries to brute-force
share passwords it has enumerated across the network. The worm also has key logging capabilities.
Command list: pass - display cached passwords th...
93. Win32.Sober.AD@mm
...t’s own SMTP engine for spreading via e-mail. The possible mail subject includes one of the following :
Ihr Passwort Account Information SMTP Mail gescheitert Mailzustellung wurde unterbrochen Ermittl u...
94. Win32.Bagle.BJ@mm
...cts and attachment names. The spreading was done manually, not by the worm itself. When ran, the
worm opens a notepad windows with the text: \"Sorry.\" and drops two files in the Windows/System32
directory: WINSHOST.EXE WIWSHOST.EXE The first file (WI...
95. Win32.Gael.3666
...ich uses multiple methods for spreading: By infecting executable files By scanning for machines which
have not been patched Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability The worm
tries to download a...
96. Exploit.Perl.Gog.A
...on. After that it starts the spreading routine described above. Payload function: It replaces recursively all
the files with the following extensions: .htm, .php, .asp, .shtm, .jsp, .phtm with the following text: This site is
defaced!!! NeverEver...
97. Win32.Mydoom.P@mm
...This worm has more than one spreading method ( it is a massmailer as well as a p2p worm ) and it drops
several components. When run, the worm displays a random error message, picked from this list: \'File is
corrupted.\' \'Could not initialize installation...
98. Win32.Mimail.A@mm
...ll be sent as attachment when spreading. %WINDOWS%\\exe.tmp is a copy of message.html It also
creates the following registry entry: HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\VideoDriver
with the value: %WINDOWS%\\videodrv.exe The worm uses ...
99. Win32.Fbound.C@mm
...es the user SMTP settings for spreading itself. Win32.Fbound.A@mm is a slightly different version of this
worm. It has the same subjects and attachment but the code was more structured....
100. Win32.Msblast.F
...e being some text strings: Spreading file is %SYSTEM%\\enbiei.exe (e.g. C:\\Windows\\System32) Target
registry key is: [HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\www.hidro.4t.com] Unused
strings are now: Nu datzi la f***ultatea de ***!!! ...
101. Win32.Netsky.S@mm
... itself. After that it starts spreading again. From April 14 to 23 2004 the worm creates a new thread which
attempts DoS attacks on the following sites: www.cracks.am www.emule.de www.freemule.net
www.kazaa.com www.keygen.us ...
104. Win32.Bagle.U@mm
...a web page. The worm stop spreading after 01.01.2005 ...
114. Win32.Bagle.U@mm
...a web page. The worm stop spreading after 01.01.2005 ...
116. Win32.Netsky.S@mm
... itself. After that it starts spreading again. From April 14 to 23 2004 the worm creates a new thread which
attempts DoS attacks on the following sites: www.cracks.am www.emule.de www.freemule.net
www.kazaa.com www.keygen.us ...

List of Viruses

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

List of Viruses

Uploaded by

Copyright:

Available Formats

1. W32.NetSky.

17. Win32.Bagle.BD - BG @mm

22. Win32.Bagle.BD - BG @mm

34. Win32.Mydoom.B@mm (Win32.Novarg.B@mm)

45. Win32.Sobig.B@mm (Palyh)

51. Win32.MyDoom.AH@mm, Win32.MyDoom.AG@mm

58. Win32.Sobig.B@mm (Palyh)

You might also like