• W32.HLLW.Lovgate.G aka Lovgate: minor variant of W32.HLLW.Lovgate.C. Same backdoor and worm capabilities. Doesn't
  function correct under WIN9X/ME.
  Check out the Latest Worms (MS) page.

F-Secure
McAfee
Symantec
Trend Micro

• CodeRed.F aka W32.Bady.F: a new variant in the CodeRed family. Minor changes in the source code, but with same impact for unprotected IIS Web servers.
  Check out the Latest Worms (MS) page.

F-Secure
McAfee
Symantec
Trend Micro

• HLLW.W32.Deloder aka Deloder: a network-aware worm that attempts to connect to a target host, using TCP port 445 [Windows 2000 and Windows XP only]. If the connection is succesful, file Inst.exe will be copied to hard-coded locations. File Inst.exe is a backdoor Trojan component that is detected as Backdoor.Dvldr. After this, W32.HLLW.Deloder will load from the Startup folder when you start Windows.
  Check out the Latest Worms (MS) page.

F-Secure
McAfee
Symantec
Trend Micro

• W32.Bibrog: a mass-mailing worm that sends itself to all the contacts in the Outlook Address Book. Attempts to spread through KaZaA, Grokster, and Morpheus file-sharing networks, as well as ICQ.
  Attachment name: Academia.exe
  Check out the Latest Worms (MS) page.

McAfee
Symantec

• W32.Yaha.P aka Yaha.P: uses its own SMTP engine to email itself to all the contacts in the Windows Address Book, MSN Messenger, .NET Messenger, Yahoo Pager, and in all the files whose extensions contain the letters HT.
  Check out the Latest Worms (MS) page.

F-Secure
McAfee
Symantec
Trend Micro