Top of iNet Over Matter
iNet Over Matter - Virus Info
Internet Computing - Tech Support
An Internet Resource Page
by: Bob in HoustonEmail
 Information about some interesting viruses - 11/09/2001
NAME
 LINKS - notes
Risk in
VBS/Bubbleboy - Email Propagation without using Attachments
- SARC Description of VBS.Bubbleboy
- Trend Micro, Incorporated - Security Alert		 WSH
Win98
Win2k
IEv5+
CIH
Danger, destructive		 - CIH Virus Recovery
- Global CIH Virus Information Center
- Damage:  Companies have been infected - News Story		 Win95
Win98
ExploreZip Worm - CIAC J-047: The ExploreZip Worm
- CERT® Advisory CA-1999-06 ExploreZip Trojan Program
- F-Secure Description of ExplorereZip and Global Zipped Files Worm Information		 Win95
Office
Melissa - CERT® Advisory CA-1999-04 Melissa Macro Virus
- W97M.Melissa.A
- W97M.Melissa Word Macro Virus		 Win95+
Outlook
Word
VBS/LoveLetter.A - A destructive .VBSworm - Began spreading via Internet Mail the weekend of 5/5/2000 from Philippines westward. Several variants observed within a couple days.
- http://www.complex.is/f-prot/loveabout.html
- CIAC - K-039e: VBS.LoveLetter.A Worm
commandcom VBS LoveLetter Worm		 WSH
Win98
Win2k
IEv5+
Happy99.exe SKA 
NOTES
 - Ska Virus - Explains how to identify and get rid of happy99 Wsock32
VBS.LoveLetter.FW.A
a.k.a.
VBS.NewLove.A
  - Very nasty .VBS script - a mutating email worm that can destroy a system.
 - first reported 05/19/2000 --See Story
 - quick indication: a .vbs attachment to an email with FW in the subject and a blank body.		 WSH
Win98
Win2k
IEv5+
CodeRed
W32/Nimda worm - a.k.a. Concept Virus (CV) v.5		  -  F-Secure Computer Virus Info: Code Red
 - CERT Advisory CA-2001-26 Nimda Worm
 -  F-Secure Computer Virus Info: Nimda		 Win95+
NT/Win2k
IE/OEv5+
W32/Vote (wtc.exe)
Danager, damaging & attempted destructive		  -  F-Secure Computer Virus Info: Vote
 - 09/24/2001 TechTV | WTC Virus Strikes		  WSH
Windows
IE/OE/OL
SirCam  - F-Secure Computer Virus Info: Sircam
 - Detination date 10-16-2001		  WSH
Windows
IE/OE/OL
Magistr - I-Worm.Magistr - W32.Magistr.24876@mm
Danager, destructive		  -  F-Secure Computer Virus Info: Magistr
 -  Symantec SARC		 WSH
Windows
IE/OE/OL
Magistr.b - W32.Magistr.39921@mm
a variant of I-Worm.Magistr		  - able to shut down the user interface portion of ZoneAlarm,  ZA continues to protect the PC and prevents the virus from being spread, only the user interface of ZA is affected by Magistr.B. Restart ZA and clean the system
 -  Symantec SARC		 * Winnt
* Win95
* Win98
*Windows
Yaha.E Worm
#ffcc99
MSBLAST -
W32.Blaster.Worm
 08/11/2003 - First to exploit the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135. First reported by InternetStormCenter where there are key links - Report to SBC/Prodigy here. - SARC
 * WinNT
* Win2000
* WinXP
#e1bd99























More to come