Main Page

Included page "clone:virus" does not exist (create it now)

Welcome to the Virus Encyclopedia
The Wikidot wiki that anyone can edit
Currently editing 341 entries and counting

Featured Entry


Happy99 is an email worm coded by 29A contributor Spanska. The coder described it as "sympathetic hitchhiker who uses your internet connection to travel, and thank you for the trip with a small animation", displaying fireworks when executed.

One of its more interesting features is its modification of the WSOCK32.DLL file, that it uses to spread. Every time the user sends an email or news post, the worm will send a second email or news post containing a copy of itself. Because of its ability to infect a file, its status as a virus or worm was disputed, even by its coder. The fact that it requires user interaction also gave it some trojan aspects.

Recent Additions

  • Tiny, a small Windows 9x virus by Z0mbie.
  • Letum, a .NET worm by Retro that spreads through email and news groups.
  • Intruder, a DOS .exe infecting virus, used in a demonstration virus in Mark Ludwig's Black Books.
  • Screen, an Atari ST boot sector virus from 1988.
  • Rike, a Linux file virus written in Assembly.
  • Init1984, the first potentially dangerous Macintosh virus.
  • Blebla, an email worm capable of infecting a system when a user simply reads its email message.
  • Leviathan, a virus by Benny created to simulate neural nets.
  • Hillary, a simple 32-bit Windows parasitic virus, coded by Mark Ludwig as a demonstration in his Giant Black Book of Computer Viruses.


Reports of our death have been greatly exaggerated. True, it has been a very long time since we last produced an entry for the wiki. Our professional and personal lives over the past few months have made it extremely difficult to devote to this labor of love, but most of us are still very much on it. New entries will continue to be few and far between for the foreseeable future. However, we will still be very much here, unless Wikidot folds and pulls the plug on the server, which is pretty unlikely to happen.

The Virus Encyclopedia will begin hosting some files on our own designated media page. We have hard drives, optical media and even floppy diskettes we have collected over the years filled with information that does not seem to be available anywhere else and occasionally we find something useful for one of our entries. The media is so far pretty disorganized, though we will be making an effort to put it all in one place and freely share it (where copyrights are not an issue) with everyone interested. In the meantime, when we find something from these files that is relevant to more than one page, we will upload it as an attachment to the Media page (there are only 2 entries as of this writing) and create a link to it.


  • After 14 years of inactivity, the Slammer worm has made a mysterious comeback. The worm made brief spikes in late November and early December of the last year. The attacks primarily came from China, Vietnam, Mexico and Ukraine, though the US, Russia, Thailand, Venezuela and Argentina. No one seems to know how or why the 14-year old worm that is very specific to a vulnerability that should be patched and a port that should be closed was able to make a comeback, but there is a lot of room for speculation.
  • Reports of Russian hacking of the recent US election are met by many experts with skepticism. While some agencies claim to have evidence of Russian meddling, none seem to actually present any. Alleged Russian hackers came shortly after recount attempts in three states that only showed the winner Donald Trump gaining more votes. The Russian has been mostly silent on the election itself, with the exception of denying accusations it was involved in any nefarious activity.

Featured Image

Mylife is a family of destructive worms, most of which delete important system files. Most variants of the worm entice victims to open an email attachment with the promise of a picture. It usually delivers on this promise, displaying some kind of picture once the attachment is executed. The first one (pictured) is an image of a young girl, allegedly the love of the sender's life. Later variants had a political slant, featuring former US president Bill Clinton and former Israeli prime minister Ariel Sharon in their images. In addition to the pictures they display, Mylife often has other intersting visual elements, like the email attachment icons. These included images of Duckman, David Duchovny (Fox Mulder from the X-Files) and Groucho Marx.

The original deletes various types of files in the root, Windows and System folders, destroying the operating system. Later variants could be anything from mildly annoying, like the G, I and J variants that simply delete MP3 files, to extremely dangerous, like the M variant, which deletes all files on certain drives.


Featured Video

Yaha is a worm with many variants, all based on the original worm, but with some different features added to later versions. Some variants of the worm were created (and possibly continue to be created) in a cyber-war between hackers of India and Pakistan. The worm allegedly caused over $10 billion in damages.

Many of its variants appear as a Valentine's Day message to entice victims to download and execute the attachment. The attachment itself is often an executable with a heart icon. Most variants display some kind of screensaver with a sickeningly sweet message.

In addition to the war between Pakistani and Indian hackers, the coder of Yaha had a brush with Belgian coder Gigabyte. Yaha's coder abused her website, so she coded Yahasux, which attacks some variants of Yaha.

If you are a new Wikidot user, you might find the wiki syntax quick reference page useful!

And as usual, if you need help with anything, ask the Wikidot community!

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-NonCommercial-ShareAlike 3.0 License