Spyware AcLayers.dll Trojan-PSW.Win32.Coced.

215 This Trojan steals user

passwords. It is designed to steal a range of confidential information. It is a
Windows PE EXE file. It is 10,240 bytes in size. It is written in Visual C++.
Installation Once launched, the Trojan copies its executable file to the Windows
system directory:...
Backdoor adsnt.dll Backdoor.Win32.RA-based This is a typical client-server
remote administration utility that allows connection to remote computer(s) in
order to manage its (their) system resources in real time (similar to "pcAnywhere"
by Symantec). This utility has a "Remote-Anything" name, and it is developed and
distributed by the TWD...
Spyware asr_fmt.exe Trojan-PSW.Win32.LdPinch.abm This Trojan program is
designed to steal confidential user data. It harvests user names and passwords to
a range of services and programs, and incorporates an SMTP server. The Trojan is
a Windows PE EXE file, written in C++, and is 58410 bytes in size. Once
launched, the Trojan copies itself to...
Worm clipsrv.exe Net-Worm.Win32.Zorin.a This worm infects computers running
Windows, and spreads via open network resources. Once installed, the worm
infects .exe files on the victim computer. The worm itself is a Windows PE EXE
file, and is approximately 82KB in size. Installation Once launched, the worm
copies itself to the Windows...
Adware comrepl.dll Virus.DOS.Beast.a This is a dangerous stealth virus that
affects COM files, writing itself at the file beginning. A file is infected as it
is executed or closed. The beginning of the file is saved at the first unused
sector of the last cluster of the file. ? <----------- File
-------------------------->...
Rogue debug.exe Lemena.3544 It is not a dangerous memory resident parasitic
polymorphic virus. It copies itself to the video memory at address BC00:0000,
hooks INT 22h (Terminate call), returns control to host program, waits for
termination and hooks INT 21h. To hook INT 21h the virus patches the DOS kernel.
The virus then...
Rogue dxdiagn.dll Virus.DOS.HS.903 This is a dangerous memory resident parasitic
virus. It hooks INT 21h and writes itself to the end of COM and EXE files (except
AIDSTEST.EXE) that are executed. On December, 27th it erases the hard drive
sectors. It also hooks INT 17h (printer) and sometimes prints rude messages in
Russian. The...
Trojan fde.dll Trojan.Win32.DNSChanger.gn This Trojan downloads other
files via the Internet and launches them for execution on the victim machine
without the user&#8217;s knowledge or consent. It is an HTML page which contains
Visual Basic Script. It is 1445 bytes in size.
Trojan httpapi.dll Trojan-SMS.SymbOS.Viver.a This Trojan program is
designed to run on smartphones running Symbian. The Trojan is a SIS installation
archive. The Trojan has no self replication routine. Trojan-SMS.SymbOS.Viver.a
actually covers two variants of this malicious program. The first is an archive
called RulesViver.sis. It is 42,...
Adware ifsutil.dll Virus.DOS.VLAD.Systa.231 It is a harmless non memory-
resident parasitic virus. It searches for SYS files, then writes itself to the end
of the file. The virus contains the text strings: SySta by Qark/VLAD *.sys
Rogue kbdes.dll Virus.DOS.Euskara.811 It is not a dangerous nonmemory resident
parasitic virus. It searches for COM files, then writes itself to the end of the
file. The virus leaves in the HMA the memory resident program that hooks INT 9
(keyboard) and depending on the keys that are pressed either manifests itself with
some video...
Rogue kbdir.dll Virus.DOS.TurboExe.846 These are very dangerous memory resident
parasitic viruses. They hook INT 21h and write themselves to the end of COM and
EXE files that are executed. While changing a current directory the viruses search
for the first EXE file, and infect it. When the TURBO.EXE file is executed the
viruses disable...
Adware logagent.exe Virus.DOS.Squatter.9742 This is a dangerous memory
resident parasitic highly polymorphic and stealth virus. It hooks INT 21h and
writes itself to the end of COM and EXE files that are accessed. Depending on
their counters the virus also infects the "C:\DOS\KEYB.COM" file, if it exists.
The virus does not infect the...
Worm mgmtapi.dll Net-Worm.Win32.Mytob.a This network worm infects computers
running Windows. It is a Windows PE EXE file approximately 43KB in size, packed
using FSG. The unpacked file is approximately 143KB in size. The worm spreads via
a vulnerability in the Windows LSASS service. You can find information about the
vulnerability...
Trojan mqoa.dll Trojan.Win32.Diamin.jn This Trojan has a malicious
payload. It is a Windows PE EXE file. It is 29392 bytes in size. It is packed
using UPX. The unpacked file is approximately 52KB in size. It is written in
Delphi. Installation When launched, the Trojan copies its executable file to the
Windows directory as...
Rogue msoeacct.dll Virus.DOS.Hypnotiser.1784 It is not a dangerous memory
resident encrypted parasitic virus. It hooks INT 21h and writes itself to the end
of COM and EXE files that are executed. When anti-viruses AVP, WEB, DRWEB are
executed, or Windows is started, the virus removes itself from the memory. The
virus also does not infect the...
Spyware nbtstat.exe Trojan-PSW.Win32.Lmir.gen This family of Trojans steals
passwords to the online game Legend of Mir. As a rule, programs belonging to this
family are written in high-level programming languages such as Delphi, Visual C/C+
+, Visual Basic). File sizes vary, and the programs utilize a range of methods to
install themselves to...
Worm netstat.exe Net-Worm.Win32.CodeGreen.a This is an Internet worm that
targets Web sites by infecting Internet Information Servers (ISS). The worm
completes the method of spreading from one Web site to other Web sites by sending
and executing its code on remote machines in a similar way to the "CodeRed" IIS
worm. This worm, like the...
Worm odexl32.dll Net-Worm.Win32.Witty This fileless worm, also known as
BlackIce and Blackworm, infects computers which use the following vulnerable ISS
products: RealSecure Network 7.0, XPU 22.11 and before RealSecure Server Sensor
7.0 XPU 22.11 and before RealSecure Server Sensor 6.5 for Windows SR 3.10 and
before Proventia A...
Spyware ping6.exe Trojan-PSW.Win32.QQRob.10 This Trojan is designed to
steal user passwords. It is a Windows PE EXE file. It is 70,144 bytes in size.
Installation When launched, the Trojan copies its executable file to the Windows
system directory: %System%\robber1.exe The Trojan also adds a link to its
executable file in the system...
Malware redir.exe Virus.DOS.Clone.833 This is a harmless companion virus.
It creates COM files with the same name as EXE file if found, and writes itself
into this COM file. This a memory resident virus. It hooks INT 21h, and hits .EXE
files that are executed. In April,0, the virus types: Your PC is Cloned!! It
also contains the...
Rogue samlib.dll Virus.DOS.Mono.1063 It is a very dangerous memory resident
parasitic virus. IT hooks INT 21h and infects COM files that are executed, and
deletes the files that are opened. It infects the memory like "Cascade" virus, but
contains several errors. It installs, infects and deletes the files only upon
monochrome monitor...
Rogue shgina.dll Virus.DOS.Hypnotiser.1784 It is not a dangerous memory
resident encrypted parasitic virus. It hooks INT 21h and writes itself to the end
of COM and EXE files that are executed. When anti-viruses AVP, WEB, DRWEB are
executed, or Windows is started, the virus removes itself from the memory. The
virus also does not infect the...
Dialer sti.dll Exploit.HTML.Ascii.b This exploit uses a vulnerability
in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HTML
page. It is 3616 bytes in size. It is not packed in any way.
Dialer tracerpt.exe HackTool.Perl.IrBot.d This malicious program is a
hacking utility. It is a Perl script. The size of infected files may vary from
12KB to 69KB.
Trojan webcheck.dll Trojan.Win32.Shutdowner.i This Trojan program is
a Windows PE EXE file approximately 365KB in size. It is not packed in any way.
Once launched, the Trojan will attempt to reboot the victim machine. It is
usually used in conjunction with other malicious programs.
Rogue winspool.exe Virus.DOS.Exorcist.212 It is a very dangerous nonmemory
resident overwriting virus. It searches for COM files, then overwrites them, and
displays the message: Bad command or file name then returns to DOS. On 1st of
any month the virus erases sectors on the C: drive. The virus also contains the
text strings: [RED...
Trojan wups2.dll Trojan.Win32.LipGame.i This Trojan is a Windows PE EXE
file written in C++ and packed using UPX. The file is 23552 bytes in size, and the
unpacked file is 56832 bytes in size. The program is represented by a transparent
icon, and it is therefore difficult to see it in some file managers. This Trojan
is almost identical...