Worm

It is not easy to identify viruses by their names, as different antivirus companies give them different names. I am trying to use one of those names for easy understanding. So I will list those viruses that are identified as worms by most of the Antivirus companies.
  • Pinit ( 3 Articles )
    Worm Win32.Pinit  is downloaded by another virus. It also spreads through network shared drives. It attempts to spread by copying itself over network shares.
  • W32.Chir ( 1 Article )
    W32.Chir is a mass-mailing worm and virus that sends itself to email addresses gathered from the compromised computer. It exploits remote vulnerabilities and attempts to infect files.
  • Sobig ( 2 Articles )
    W32.Sobig is a mass-mailing, network-aware worm that sends itself to all the email addresses it finds in the files with extensions:
    dbx, eml, hlp, htm, html, mht, wab, txt
    The worm uses its own SMTP engine to send out mail. It also attempts to create a copy of itself on other computers in a network
  • Changeup ( 164 Articles )
    W32.Changeup is a worm that spreads by copying itself to removable and mapped drives.
  • Brontok ( 2 Articles )
    This is a mass mailing worm. It is also known as Brontok, Moonlight, Rontokbro etc.
  • Silly FDC ( 23 Articles )
    W32.SillyFDC is a family of worms that spread to removable drives. Certain variants may also apread to mapped drives. They can download files or perform other malicious activities.
  • Networm ( 1 Article )
    It is also known as W32.Spybot worm, Networm etc. It is a network-aware worm. It communicates with and receives commands from an IRC channel. The hackers exploit some vulnerabilities to remotely operate infected computer. It can be used to launch Dos attacks.
  • Doombot ( 6 Articles )

    Doombot worm is also known as W32.Mytob.

    • Doombot worm comes with IRC bot capabilities and spreads via mass mailing.
    • It runs in the background. acts as aBackdoor Server that provides access to the victim's PC via IRC channels.
    • Lowers the security level of the computer
    • Changes entries in the Windows HOSTS files in order to block websites of AntiVirus companies. 
  • IRC Bot ( 61 Articles )
    It is a backdoor computer worm. The worm copies itself into a Windows system folderand becomes part of the computer's automatic startup. It provides a backdoor server and allows a remote intruder to gain access and control over the computer via an Internet Relay Chat channel. This allows for confidential information to be transmitted to a hacker.
  • Koobface ( 17 Articles )
    Koobface is also known as It is also known as the Facebook Virus/Worm. It is seen that the writer/s of this worm is/are using different names for the files that this worm creates on a computer. In this category I am listing the different virus installers of Koobface Worm.
  • dcpromo ( 4 Articles )
    It is a network-aware worm that attempts to replicate across the existing network(s). It has the charasteristics of a trojan which provides IRC remote access to a users infected machine by exploiting a known Microsoft buffer overflow vulnerability.
  • Ackantta ( 42 Articles )

    It is identified as a mass mailing worm. It has several different variations. It is also known as

    Malware.Ackantta [PCTools]
    W32.Ackantta!gen [Symantec]

  • W32.Spybot ( 11 Articles )

    W32.Spybot.Worm is a family of worms that spreads using the Kazaa file-sharing network and mIRC. This worm can also spread to computers that are infected by back door Trojan virus and on network shares protected by weak passwords.  It can perform various actions by connecting to a configurable IRC server and by joining the attackers channel to get instructions. It can exploit the known unpatched vulnerabilities in windows.

    It is also known as

    Net-Worm.Spybot [PCTools]
    W32.Spybot.Worm [Symantec]
  • W32 Spyrat ( 3 Articles )
    W32.Spyrat is a worm that copies itself using removable drives and file-sharing networks. It also opens a back door on the computer.
  • W32 Uporesc ( 3 Articles )
    W32.Uporesc is a worm that infects .exe and .html files and spreads by copying itself to removable drives. It also downloads potentially malicious files from the Internet.
  • W32 Gammima ( 26 Articles )
    W32 Gammima is a worm that spreads by copying itself to removable media. It also steals passwords of online games. It uses different file names. I have listed them in this category
  • W32.Fujacks ( 3 Articles )
    W32 Fujacks is known to be a worm that spreads by copying itself to network shares protected by weak passwords. It also copies itself to the root drive of all partitions and infects all .exe files found on the local computer. This worm ends some security-related processes and services.
  • Rahack ( 1 Article )
    W32 Rahack or Win32 Allaple  is a virus/ worm that attempts to exploit Radmin installations that are using weak passwords.  Radmin is a remote administrator software provided by Famatech. 
  • W32 Imaut ( 7 Articles )
    W32 Imaut is a worm that spreads via Yahoo! Instant Messenger and Microsoft Windows Live Messenger. The worm may attempt to download remote files on the infected computer.
  • Rjump ( 2 Articles )
    W32 Rjump, Win32 Rjump, Rajump is a worm that attempts to spread by coping itself to mapped and removable storage drives and also opens a backdoor on the infected computer.
  • Win32 Rimecud ( 1 Article )
    Worm Win32 Rimecud is a family of worms with multiple components that spreads via removable drives and instant messaging. It also contains backdoor functionality that allows unauthorized access to the affected computer
  • Win32 Hamweq ( 1 Article )
    Worm Win32 Hamweq is a worm that spreads via removable drives, such as USB memory sticks. It contains an IRC-based backdoor, which may be used by a remote attacker to use the affected computer to participate in Distributed Denial of Service attacks, or to download and execute other harmful files.
  • Fanbot ( 1 Article )
    W32.Fanbot  is a mass-mailing worm that lowers security settings on the infected computer. It also spreads by exploiting the windows vulnerabilities  and through peer-to-peer networks.
  • Ptopirate ( 1 Article )
    Worm Win32 Ptopirate modifies Hosts file that may block access to certain security web sites.
  • Win32 VBNA ( 44 Articles )
    This virus is known as Worm.Win32.VBNA or Trojan.Gen
  • Palevo ( 22 Articles )

    This worm is also known as 

    • P2P-Worm.Win32.Palevo.afcr [Kaspersky Lab]
    • Mal/Palevo-A [Sophos]
    • Win32/Palevo.worm.115200.N [AhnLab]
  • MyDoom ( 1 Article )
    Worm Win32 MyDoom is a mass mailing worm affecting windows computers
  • Ramnit ( 6 Articles )
    This is a new worm, it is identified as a worm or a Trojan by different antivirus programs.
  • Taterf ( 21 Articles )
    Win32/Taterf is a worm that spreads via logical drives to steal login and account details for popular online games.
  • Autorun ( 9 Articles )
    Worm Win32 Autorun is the name for worms  spreading to local, network, or removable drives using an 'autorun.inf' file
  • Neubreku ( 4 Articles )
    This virus is known as Worm Neubreku or Trojan Win32 Buzus
  • Stuxnet ( 1 Article )
    W32.Stuxnet is a worm that spreads through removable drives using the Microsoft Windows Shortcut 'LNK' Files Automatic File Execution Vulnerability (BID 41732).
  • Wukill ( 1 Article )

    Wukill or W32.Wullik is a mass-mailing worm that attempts to send itself to all the contacts in the Outlook address book. 
  • Pilleuz ( 16 Articles )
    W32.Pilleuz is a worm that spreads through file-sharing programs, Microsoft instant messaging clients and removable drives. It also opens a back door on the computer it infects
  • SillyDC ( 3 Articles )
    W32.SillyDC is a generic name for worms that spread by copying themselves to removable and shared drives. These worms then download and execute other viruses
  • Fasong ( 2 Articles )

    Fasong worm is known as W32/Fasong.worm, Troj/Fasong, Worm.Win32.Fasong etc. Some antivirus programs identify it as Net-Worm.Benfgame. It is a password-stealing virus/worm that steals passwords and user information from a Chinese Internet game.

  • Higuy ( 1 Article )
    W32.Higuy or Tettona is a mass-mailing worm that sends itself to all contacts found in the Windows Address Book.
  • Swen ( 1 Article )
    W32.Swen is a mass-mailing worm that uses its own SMTP engine to spread itself. It attempts to spread through file-sharing networks, such as KaZaA and IRC, and attempts to kill antivirus and personal firewall programs running on a computer.
  • Klez ( 1 Article )
    W32 Klez is a family of mass mailing worms
  • Lovegate ( 1 Article )

    Lovgate is a mass mailing worm that attempts to email itself to all the email addresses that it finds in the files, with a file extension that starts with "ht" (for example, all the .htm or .hta files). The subject and attachment of the incoming email are chosen from a predetermined list.

    It also attempts to copy itself to all the computers on a local network, and then infect these computers. The worm also has a backdoor Trojan capability. 

  • Sober ( 1 Article )
    W32 Sober is a mass-mailing worm that uses its own SMTP engine to spread itself. The subject of the email varies, and it will be in either English or German.  The name of the email attachment varies, and it will have a .bat, .com, .exe, .pif, or .scr file extension.

    It also attempts to copy itself to all the computers on a local network, and then infect these computers. The worm also has a backdoor Trojan capability.
  • Fizzer ( 1 Article )
    Fizzer is a mass mailing worm.
  • Mumu ( 1 Article )
    Mumu Worm is a collection of batch files and utilities, as well as a hacktool named Hacktool.Hacline.  The names and functions of the files vary with newer versions of this worm/ virus
  • Imsolk ( 1 Article )
    W32.Imsolk is a mass-mailing worm that spreads through removable and mapped drives, and through shared folders and instant messaging. It is also known as W32/VBMania, Win32/Swisyn.worm etc
  • Bagle ( 1 Article )
    Bagle (also known as Beagle) is a mass-mailing computer worm said to be written in pure assembly language. Bagle uses its own SMTP engine to mass-mail itself as an attachment to recipients gathered from the infected computer. It copies itself to the Windows system directory and opens a backdoor. It avoids addresses containing certain strings such as "@hotmail.com", "@msn.com", "@microsoft" or "@avp".
  • Cugirl ( 1 Article )
    It is a worm that uses IRC backdoors allowing unauthorized access to an infected PC. It has the capability to spread over a network exploiting various Windows vulnerabilities.
  • Doomjuice ( 1 Article )
    Doomjuice uses the computers, which W32.Mydoom infects, to spread. This worm also launches a Denial of Service (DoS) attack on the Microsoft Web site.  If this worm is detected on your computer, you should also remove the MyDoom worm from your computer. Here is a link to a free removal tool from Symantec
  • Spacefam ( 4 Articles )
    W32.Spacefam is described as a worm that spreads through Facebook and steals login information from the profiles it compromises. It then sends messages to the Profile's contacts.
  • Viking ( 1 Article )
    Worm Win32/Viking or W32.Looked is a worm that spreads via removable drives and network shares. It can terminate security-related processes, relocate certain Windows files, drop other malware, modify the HOSTS file and Internet files, infect certain files, and connect to a remote server.
  • Sasser ( 2 Articles )
  • WBNA ( 3 Articles )
    These are the instance of worm Worm.Win32.WBNA

Search within this site

Read in your language


Main Menu

Home
----Sections----
Harmful Files
Virus Removal
Trojan Removal
Worms Removal
Rogues Removal
Unwanted Apps
Removal Tools
Current News
----Articles----
Warning/ Disclaimer
Common Folders
Preventive Measures
Removal Instructions
Video Tutorials
----Site Info----
Sitemap
About/Contact

Useful Links


Privacy Policy