Virus Database

Wamin.346

Description Wamin.346

This is a harmless, non resident virus, which searches for .COM files, and then writes itself to the beginning of these files.
The virus code contains errors. The virus will repeatedly infect the first file found in the current directory, which may lead to problems with the file infected.

Check other viruses! Be aware! Use Antiviral Software

I-Worm.Ivalid

Description I-Worm.Ivalid

This is a dangerous worm that spreads via the Internet attached to e-mail messages. The worm itself is a Windows application about 12K in size. To spread, the worm uses SMTP and connects to the "mail.bezeqint.net" e-mail server in order to send infected messages.
The worm obtains a victim's e-mail addresses from HTML files. It searches for *.HT* files on the hard drive and looks for e-mail addresses there.
The infected messages contain the following data:
From: "Microsoft Support" [support@microsoft.com]
Subject: Invalid SSL Certificate',0Dh,0Ah
Attach: SSLPATCH.EXE

Message text:
Hello,
Microsoft Corporation announced that an invalid SSL certificate that web sites use is required to be installed on the user computer to use the https protocol. During the installation, the certificate causes a buffer overrun in Microsoft Internet Explorer and by that allows attackers to get access to your computer. The SSL protocol is used by many companies that require credit card or personal information so, there is a high possibility that you have this certificate installed.
To avoid of being attacked by hackers, please download and install the attached patch. It is strongly recommended to install it because almost all users have this certificate installed without their knowledge.
Have a nice day, Microsoft Corporation
In case of an error, or when infected messages are sent, the worm encrypts all EXE files the in current and all parent directories. While encrypting, the worm uses standard Windows crypto API.
The worm also contains the following texts in its body:
I-Worm.Invalid, Written By Dr.T/BCVG Network, 2001
The Black Cat Virii Group, 2001

I-Worm.Ivalid

Description I-Worm.Ivalid

This is a dangerous worm spreading through Internet attached to email messages. The worm itself is Windows application about 12K of size. To spread the worm uses SMTP and connects to "mail.bezeqint.net" email server to send infected messages.
The worm gets victim email addresses from HTML files. It searches for *.HT* files on the hard drive and looks for email addresses in there.
The infected messages have following data:
From: "Microsoft Support" [support@microsoft.com]
Subject: Invalid SSL Certificate
Attach: SSLPATCH.EXE
Message text:
Hello,
Microsoft Corporation announced that an invalid SSL certificate that web sites use is required to be installed on the user computer to use the https protocol. During the installation, the certificate causes a buffer overrun in Microsoft Internet Explorer and by that allows attackers to get access to your computer. The SSL protocol is used by many companies that require credit card or personal information so, there is a high possibility that you have this certificate installed.
To avoid of being attacked by hackers, please download and install the attached patch. It is strongly recommended to install it because almost all users have this certificate installed without their knowledge.
Have a nice day,
Microsoft Corporation
In case of error, or when infected messages are sent the worm encrypts all EXE files in current and all parent directories. While encrypting the worm uses standard Windows crypto API.
The worm also contains following texts in its body:
I-Worm.Invalid, Written By Dr.T/BCVG Network, 2001
The Black Cat Virii Group, 2001

Home