oad. It is 649 bytes in size. It is written in Visual Basic Script. Trojan hpzmsi01.exe Trojan.Win32.Killav.k This Trojan has a malicious payl oad. It is a Windows PE EXE file. It is 11,264 bytes in size. It is packed usi ng UPX. The unpacked file is approximately 24KB in size. It is written in C++. Backdoor virtdk64.sys Backdoor.Win32.AckCmd This Troajn program can be used for remote administration of the victim machine. It has both a client an d a server component. The server component is written in Microsoft Visual C++. It is 28672 bytes in size, and is not packed in any way. The client component is also written in Microsoft Visual... Worm ARP.EXE Worm.Win32.Randex.a "Randex" is a group of worms that spread over Win32 networks (local and global) through shared resources. The worms are Windows PE EXE files that appear under several names (see name ist below). Rand ex worms are written in Microsoft Visual C++. A Randex worm enters a computers and goes into a... Spyware AzSqlExt.dll Trojan-PSW.Win32.PdPinch.gen This family of Trojan pr ograms steals confidential information from the victim machine, including files containing configuration details which contain passwords. Although passwords are normally saved in an encrypted form, the encryption used is very weak. Progra ms from this family steal files... Adware ci.dll Virus.DOS.Accept.3619 This is a dangerous memory resident para sitic encrypted virus. It hooks INT 21h and writes itself at the end of COM and EXE files that are executed. If the file is already infected, the virus searches for other executable files and hits them. The virus contains the internal text string:... Worm dbnetlib.dll Worm.Win32.Agent.i This malicious program is a worm . It is a Windows PE EXE file. It is 71 168 bytes in size. It is packed using UPX. The unpacked file is approximately 240KB in size. Installation When launc hed, the worm creates the following folder: %System%\ace When launched, the worm extracts the following file... Dialer dinput.dll Exploit.Perl.Small.a This malicious program exploits a vulnerability in web server configuration in order to propagate. It is a Perl script. It is 3437 bytes in size. Adware dnssd.dll Virus.DOS.Carbuncle.622 Carbuncle is a dangerous memory resident companion virus. It is the COM file 622 bytes of length. On execution i t checks the system time, depending on current seconds value it either jumps to infection routine or calls the trigger function. In infection routine the virus creates the... Trojan ExplorerFrame.dll Trojan.Win32.Killav.be This Trojan is designed to disable antivirus programs and terminate a range of processes on the victim m achine. It is a Windows PE EXE file. The file is 5,632 bytes in size. Install ation This Trojan will be installed to the victim machine by another malicious program. Adware GuidedHelp.dll Virus.DOS.Cheeba.1683 This is a memory resident harmle ss virus which infects COM and EXE files by standard manner. It infects the memo ry only if the INT 13h vector points to memory area with address lesser than add ress of the first MCB. The virus changes the first 5 bytes into INT 13h, 21h, 22 h handlers to instruction... Worm hppldcoi.dll Worm.Win32.Hai This is a local network worm that spread s on Win32 systems. The worm itself is a Win32 executable file about 60K in leng th, and it is written in MS Visual C++. The known worm version is encrypted by P ELock Win32 EXE file protection tool. The spreading process distributes the wor m copy throughout a... Worm iprtrmgr.dll Net-Worm.Win32.Aler.a This worm contains a backdoor fu nction. It has been widely spammed via email. However, it does not spread via em ail, but via network resources with weak password protection. Infected messages Message subject Latest News about Arafat!!! Message body Hello guys! Latest news about... Dialer KBDGEO.DLL Exploit.HTML.Ascii.ad This exploit uses a vulnerabilit y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT ML page. It is 2641 bytes in size. It is not packed in any way. Backdoor KBDKYR.DLL Backdoor.win32.Small.cz This Trojan makes it pos sible for a remote malicious user to control the victim machine. The program is a Windows PE EXE file 2560 bytes in size. Dialer KBDUSA.DLL Exploit.HTML.Ascii.f This exploit uses a vulnerabilit y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT ML page. It is 1614 bytes in size. It is not packed in any way. Trojan lz32.dll Trojan.JS.Offiz Simple Trojan programs written in the JS (JSript) language that reside in HTM-files. These trojan scripts open many Int ernet Explorer windows that once open can't be closed. If a user presses the Alt +F4, Ctrl or Del keys a message box is displayed with the text: "You are an id iot!". Backdoor mfcuia32.dll Backdoor.Perl.AEI.16 This Trojan program is d esigned to provide remote management of systems running UNIX-type operating syst ems. It is a Perl scenario. It is approximately 12KB in size. Dialer msfeedsbs.dll Exploit.HTML.Ascii.j This exploit uses a vulnerabilit y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT ML page. It is 1046 bytes in size. It is not packed in any way. Rogue mtxdm.dll Virus.DOS.Zerobug.1536.a It is a memory resident not dangerous virus which inserts itself into COM-files beginning at their creat ing: the infector hooks INT 21h, f.3Ch, creates the file, writes its body into t his file and returns the control back to the program that called this function. And then that program appends the... Spyware NAPMONTR.DLL Trojan-PSW.Win32.LdPinch.ur This Trojan is designed to steal user passwords. It is a Windows PE EXE file. The size of the infecte d file may vary between 21KB to 86KB. It is packed using FSG. Backdoor NlsData003e.dll Backdoor.Win32.BO.a This Trojan (also known as Back Orifice Trojan) is a network-administration utility that allows for the controlling of computers on the network. "'Back Orifice' is a remote administrat ion system, which allows a user to control a computer across a tcpip connection using a simple console or gui... Rogue ntdsapi.dll Virus.DOS.Zerobug.1536.a It is a memory resident not dangerous virus which inserts itself into COM-files beginning at their creat ing: the infector hooks INT 21h, f.3Ch, creates the file, writes its body into t his file and returns the control back to the program that called this function. And then that program appends the... Trojan p2pnetsh.dll Trojan.JS.Offiz Simple Trojan programs written in the JS (JSript) language that reside in HTM-files. These trojan scripts open many Int ernet Explorer windows that once open can't be closed. If a user presses the Alt +F4, Ctrl or Del keys a message box is displayed with the text: "You are an id iot!". Trojan PNPXAssoc.dll Trojan.VBS.KillOS.a This Trojan has a malicious payl oad. It is 343 bytes in size, and written in Visual Basic Script. Rogue rasgcw.dll Virus.DOS.MIPT.602 MIPT.602 It is not a dangerous m emory resident parasitic virus. It hooks INT 21h and writes itself to the end of .COM files that are executed. The virus does not allow to open the LOGO.PIC, HE RETIC.WAD, KB2.DAT files, it returns error code on such calls. The virus contain s the text strings:... Worm scksp.dll Worm.Win32.Shorm This is a network worm spreading over local and global networks. To spread, the worm connects to remote computer s, and if the disk is shared for full access, the worm copies itself there to th e Windows startup directory (if it exists). The worm also has password stealing ability. It obtains RAS... Spyware serialui.dll Trojan-PSW.Win32.LdPinch.rn This Trojan belongs to a family of Trojans written with the aim of stealing user passwords. LdPinch is d esigned to steal confidential information. The Trojan itself is a Windows PE EXE file approximately 17KB in size, packed using UPX. When installing, the Trojan copies itself to the Windows system... Backdoor srdelayed.exe Backdoor.Win32.Delf.duc This malicious program i s a Trojan. It is a Windows PE EXE file. It is 447488 bytes in size. Rogue sxproxy.dll Virus.DOS.Spartak_II.2000 It is not a dangerous no nmemory resident polymorphic companion virus. It searches for .COM and .EXE file s, then renames .COM files to .CCC and .EXE files to .EEE, then writes itself in stead of host file. After infection the virus creates in the current directory t he SPARTAK.BAT file and writes to... Malware Uci32112.dll Virus.DOS.LoveBuzz.381 These are very dangerous memory resident parasitic viruses. They hook INT 21h and writes themselves to the end o f the files. They contain the text strings: "LoveBuzz.381": Lyubasha "LoveBuzz .591": LoveBuzz "LoveBuzz.381" infects .COM-files only, and corrupts them whil e... Malware vsstrace.dll Virus.DOS.Vole.487 These are very dangerous nonmemo ry resident encrypted parasitic viruses. They search for .COM files in the curre nt and parent directories, then write themselves to the end of the file. Before return control to the host program they erase disk sectors and display the messa ge: Inherit the Wind... Malware winbrand.dll Virus.DOS.Shifter.983 This virus infects .OBJ files pr epared to be compiled to COM files. The virus inserts itself into OBJ files so, that after linking to COM executable file the result contains the virus at the b eginning of the file. When that file is executed, the virus receives the control , hooks INT 21h and... Worm wlanext.exe Net-Worm.Win32.Witty This fileless worm, also known a s BlackIce and Blackworm, infects computers which use the following vulnerable I SS products: RealSecure Network 7.0, XPU 22.11 and before RealSecure Server Se nsor 7.0 XPU 22.11 and before RealSecure Server Sensor 6.5 for Windows SR 3.10 and before Proventia A... Dialer wpdbusenum.dll Exploit.HTML.Ascii.ae This exploit uses a vulnerabilit y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT ML page. It is 3616 bytes in size. It is not packed in any way.