OIT Help Desk
Archived Computer Viruses
January 2002 to December 2002
October 1,
2002: W32.Bugbear@mm is a
mass-mailing worm that sends itself to email addresses found in the
Microsoft Outlook address book. It can also spread through Network
shares. It may allow unauthorized access to infected machines. The worm
will also attempt to terminate the processes of various antivirus and
firewall programs..... [full
article]
Updated by: Andrea at 8:20 am
September 9, 2002: The following message has
been sent out by email. It is a hoax. It contains information such as "If
you receive an email called "WTC Survivor" do not open it. Delete it
right away! This virus removes all dynamic link libraries (.dll files)
from your computer.".... [full
article]
Updated by: Andrea at 9:20
am
July 15,
2002: W32.Frethem.K@mm is a
worm that uses its own SMTP engine to send itself
to email addresses that it finds in the Microsoft Windows Address
Book
and other common address book types. The email message arrives with the
following characteristics:... [full
article]
Updated by: Andrea at 8:29
am
July 8,
2002: W32.Liac.A@mm is a
mass-mailing worm written in Visual Basic. When the
worm is executed, it will attempt to email all contacts in the
Windows
Address Book (WAB) using Microsoft Outlook.
When W32.Liac.A@mm is
executed, it will display a fake error message. The error message will
appear as follows... [full
article]
Updated by: Andrea at 9:43
am
May 16, 2002:
This is a hoax that, like the
SULFNBK.EXE Warning hoax, tries to persuade you to delete a
legitimate Windows file from your computer. The file that the hoax
refers to, Jdbgmgr.exe, is a Java Debugger Manager. It is a Microsoft
file that is installed when you install Windows.... [full
article]
Updated by: Andrea at 12:12
pm
April 25,
2002:
If you are receiving responses to
email messages you never sent, or messages you never sent are returned
to you by an email server. In all cases your name appears in the From:
field. These mysterious emails, apparently originating from your
account, may be caused by the Klez virus... [full
article]
Updated by: Andrea at 8:20
am
April 18,
2002:
W32.Klez.H is a mass-mailing worm that sends itself to email addresses
found in the Microsoft Outlook and Outlook Express address book.
The subject of the email is randomly generated. The Subject line may
also include the name of the recipient. The message body can be randomly
constructed or in some cases left empty. The email will have an
executable file attached that has a randomly generated file name. It
will end in *.exe., *.scr, *.pif, or *.bat.
Updated by: Andrea at 8:20 am
March 25,
2002:
W32.MyLife.B@mm is a mass-mailing worm that uses Microsoft Outlook to
spread to all addresses in the Outlook address book. It copies itself to
C:\Windows \System\Cari.scr. It may also delete files if attached file
is run between 8:00 A.M. and 9:00 A.M.. The attached file is a screen
saver named Cari.scr.
Updated by: Andrea at 3:30
pm
W32.Impo.gen@mm (also known as W32.Dotjaypee@mm and W32/Fbound.c@MM)
March 14,
2002: This
is a mass-mailing worm that sends itself to all entries in the Windows
Address Book, using the SMTP server of the infected user. This virus
does not destroy or infect other files. The email arrives with an
attachment named patch.exe. The subject is "Important" unless the user's
email address ends in .jp.
Updated by: Andrea at 8:27
am
March 11,
2002:
W32.Gibe@mm is a mass-mailing worm that uses Microsoft Outlook and its
own SMTP engine to spread. This worm arrives in an email message--which
is disguised as a Microsoft Internet Security Update--as the attachment
Q216309.exe
Updated by: Andrea at 3:10
pm
W32/Klez
February 27, 2002:
W32/Klez is a mass-mailing worm that sends itself
to email addresses found in the Microsoft Outlook and Outlook Express
address book. This worm has the ability to spoof the email from field.
Thus, it may appear that you have received this virus from one person,
when it was actually sent from a different user's system.
Updated by: Andrea at 3:35
pm
February 19, 2002:
W32.Yarner.A@mm is a mass-mailing worm that sends itself to email
addresses found in the Microsoft Outlook address book. The worm uses the
system configured SMTP server to send messages with the subject
"Trojaner-Info Newsletter 18.02.02" and a message body in German. The
attachment name is yawsetup.exe.
Updated by: Andrea at 8:57
am
January 28, 2002:
W32.Myparty@mm is a mass-mailing worm. The
worm can spread its infection by email using Microsoft Outlook and
Outlook Express. The email can come from addresses that you will
recognize. Attached is a file with a name of www.myparty.yahoo.com. The
subject of the email is "new photos from my party!".
Updated by: Andrea at 10:52
am
January 15, 2002: JS.Gigger.A@mm is a mass-mailing
worm. The worm can spread its infection by email using Microsoft Outlook
and Outlook Express. The email can come from addresses that you will
recognize. Attached is a file with a name of mmsn_offline.htm. The
subject of the email is "Outlook Express Update". It attempts to delete
all files on the computer and to format drive C if the computer is
successfully restarted.
Updated by: Andrea at 9:42
am
January 2, 2002:
W32.Maldal.D@mm is a mass-mailing worm.
The worm can spread its infection by email using Microsoft Outlook. The
email can come from addresses that you will recognize. Attached is a
file with a name of "Name of infected computer from which the worm was sent".exe or ZaCker.exe. The subject of the email is ZaCker.
Updated by: Andrea at 10:52
am
Archived Virus and Security Alerts: