Spyware twain.dll Trojan-PSW.Win32.LdPinch.

rn This Trojan belongs to a

family of Trojans written with the aim of stealing user passwords. LdPinch is d
esigned to steal confidential information. The Trojan itself is a Windows PE EXE
file approximately 17KB in size, packed using UPX. When installing, the Trojan
copies itself to the Windows system...
Backdoor AdmTmpl.dll Backdoor.Win32.Agobot.a Backdoor.Agobot (also kn
own as PhatBot) is a Trojan program which provides the author/ user with remote
access to the victim machine. It is managed via IRC. It has a wide range of func
tionalities: will not work with a debugger running or under Vmware it can run
both as a standard application and...
Spyware aelupsvc.dll Trojan-PSW.Win32.LdPinch.abm This Trojan program is d
esigned to steal confidential user data. It harvests user names and passwords to
a range of services and programs, and incorporates an SMTP server. The Trojan
is a Windows PE EXE file, written in C++, and is 58410 bytes in size. Once lau
nched, the Trojan copies itself to...
Adware certcli.dll Virus.DOS.Put.1939 It is not a dangerous nonmemory
resident encrypted parasitic virus. It searches for .EXE files and writes itself
to the end of the file. The beginning of virus the body contains the word "PUT"
. Sometimes the virus displays the message:...
Malware cmdkey.exe Virus.DOS.PM.733 It is a harmless memory resident
stealth parasitic virus. It hooks INT 21h and writes itself to the end of .COM
files that are executed or closed. When an infected file is opened, the virus di
sinfects it. The virus contains the ID-strings: PM
Backdoor d3d10.dll Backdoor.Win32.AckCmd This Troajn program can
be used for remote administration of the victim machine. It has both a client an
d a server component. The server component is written in Microsoft Visual C++.
It is 28672 bytes in size, and is not packed in any way. The client component is
also written in Microsoft Visual...
Malware dmdskres.dll Virus.DOS.ProtoVirus.720.a These are not dangerous
memory resident parasitic viruses. They hook INT 21h and write themselves to the
end of .COM files that are executed. The viruses contain the text string: ** P
rotoVirus v1.0 by Chr'92 ** and check it while installing into the system memor
y. If that string is altered, the...
Trojan EncDec.dll Trojan.Win32.KillAV.gj This Trojan is a Windows PE EXE
file 61440 bytes in size. Once launched, the Trojan causes the following messa
ge to be displayed: It then creates a file called Update.bat in the C: root d
irectory: C:\Update.bat The Trojan terminates any processes it finds with the
names listed below:...
Rogue FDResPub.dll Virus.DOS.Eupm.1731 It's a very dangerous memory res
ident encrypted virus which hooks INT 21h and infects by a standard manner COM-
and EXE-files (except COMMAND.COM) when they are executed. It contains the text:
"-- E.U.P.M. 1991 -- COMMAND". On the 1st of every month it erases the disk sec
tors.
Dialer iccvid.dll Exploit.HTML.Ascii.c This exploit uses a vulnerabilit
y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT
ML page. It is 1058 bytes in size. It is not packed in any way.
Trojan iTVData.dll Trojan.BAT.MkDirs.z This primitive Trojan is written
in BAT and is 317 bytes in size. When launched, the virus deletes all the file
s from the C:\windows\ directory. Creates directories named "1", "2", "3", "4"
etc. up to "18" in the current directory. While deleting files it displays the
following text: You are...
Backdoor KBDLT2.DLL Backdoor.Win32.RA-based This is a typical client
-server remote administration utility that allows connection to remote computer(
s) in order to manage its (their) system resources in real time (similar to "pcA
nywhere" by Symantec). This utility has a "Remote-Anything" name, and it is deve
loped and distributed by the TWD...
Trojan KBDTIPRC.DLL Trojan.BAT.FormatC.z This Trojan has a malicious payl
oad. It is a BAT file. It is 18 bytes in size.
Rogue mgmtapi.dll Virus.DOS.Digger.1000 This is a harmless memory-reside
nt parasitic encrypted virus. On execution it removes itself from the host file,
 then executes it, hooks INT 21h and stays memory resident. It infects the COM a
nd EXE files on their execution and inserts itself into their bodies. EXE files
are converted to COM format...
Trojan MPSSVC.dll Trojan.Win32.Shutdowner.i This Trojan program is a
Windows PE EXE file approximately 365KB in size. It is not packed in any way.
Once launched, the Trojan will attempt to reboot the victim machine. It is usu
ally used in conjunction with other malicious programs.
Spyware msprivs.dll Trojan-PSW.Win32.LdPinch.rn This Trojan belongs to a
family of Trojans written with the aim of stealing user passwords. LdPinch is d
esigned to steal confidential information. The Trojan itself is a Windows PE EXE
file approximately 17KB in size, packed using UPX. When installing, the Trojan
copies itself to the Windows system...
Backdoor NAPSTAT.EXE Backdoor.Win32.BO.a This Trojan (also known
as Back Orifice Trojan) is a network-administration utility that allows for the
controlling of computers on the network. "'Back Orifice' is a remote administrat
ion system, which allows a user to control a computer across a tcpip connection
using a simple console or gui...
Spyware NlsLexicons0024.dll Trojan-PSW.Win32.Lmir.gen This family of T
rojans steals passwords to the online game Legend of Mir. As a rule, programs b
elonging to this family are written in high-level programming languages such as
Delphi, Visual C/C++, Visual Basic). File sizes vary, and the programs utilize a
range of methods to install themselves to...
Malware ntkrnlpa.exe Virus.DOS.Shifter.983 This virus infects .OBJ files pr
epared to be compiled to COM files. The virus inserts itself into OBJ files so,
that after linking to COM executable file the result contains the virus at the b
eginning of the file. When that file is executed, the virus receives the control
, hooks INT 21h and...
Backdoor PresentationCFFRasterizerNative_v0300.dll Backdoor.Win32.J
ix.a This Trojan has a built-in remote administration tool. The program itse
lf is a Windows PE EXE file approximately 15KB in size, packed using UPX. The u
npacked file is approximately 25KB in size. Once launched, the Trojan copies it
self to the Windows system directory under one of the following...
Backdoor rdprefdrvapi.dll Backdoor.Perl.AEI.16 This Trojan prog
ram is designed to provide remote management of systems running UNIX-type operat
ing systems. It is a Perl scenario. It is approximately 12KB in size.
Dialer sdchange.exe Exploit.Linux.Lacksand This exploit is written in C, an
d is approximately 16KB in size. It uses a loophole present in NIPrint LPD-LPR
Print Server versions 4.10 and lower.
Dialer shell32.dll Exploit.HTML.Ascii.b This exploit uses a vulnerabilit
y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT
ML page. It is 3616 bytes in size. It is not packed in any way.
Trojan synceng.dll Trojan.MSWord.Thief This Trojan uses remote template
vulnerability of MS Word 97. The URL is sent to some IRC channels that contain
a HTML file that automatically loads and opens an MS Word document that contains
reference to another MS Word template-containing Trojan macro. MS Word opens th
is template without any...
Adware TRAPI.dll Virus.DOS.Zzz.1379 It is a dangerous nonmemory resi
dent parasitic virus. It searches for .COM files in the directories C:\WINDOWS\C
OMMAND, C:\DN, \CLIENT\WIN95\, then writes itself to the beginning of the file.
While infecting the virus creates temporary file ZZZ.TMP. On 20th and 27th of an
y month the virus deletes...
Dialer vbscript.dll Exploit.HTML.Ascii.j This exploit uses a vulnerabilit
y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT
ML page. It is 1046 bytes in size. It is not packed in any way.
Adware WinFax.dll Virus.DOS.Zzz.1379 It is a dangerous nonmemory resi
dent parasitic virus. It searches for .COM files in the directories C:\WINDOWS\C
OMMAND, C:\DN, \CLIENT\WIN95\, then writes itself to the beginning of the file.
While infecting the virus creates temporary file ZZZ.TMP. On 20th and 27th of an
y month the virus deletes...
Trojan wmdmps.dll Trojan.Win32.Diamin.jn This Trojan has a malicious payl
oad. It is a Windows PE EXE file. It is 29392 bytes in size. It is packed usin
g UPX. The unpacked file is approximately 52KB in size. It is written in Delphi
. Installation When launched, the Trojan copies its executable file to the Wind
ows directory as...
Dialer wzcdlg.dll Exploit.HTML.Ascii.e This exploit uses a vulnerabilit
y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT
ML page. It is 1315 bytes in size. It is not packed in any way.