You are on page 1of 3

Adware ehRecObj.dll Virus.DOS.Muny.364 These are dangerous memory resid ent encrypted parasitic viruses.

They hook INT 21h and write themselves to the e nd of COM files that are executed. Muny.969 After infecting 33 files the virus d isplays a message in Russian, then creates a new file with the name of currently executed file and... Adware authfwcfg.dll Virus.DOS.VLAD.Systa.231 It is a harmless non mem ory-resident parasitic virus. It searches for SYS files, then writes itself to t he end of the file. The virus contains the text strings: SySta by Qark/VLAD *.s ys Adware compstui.dll Virus.DOS.CriminalWW.1788 These are very dangerous memory resident parasitic polymorphic viruses. They trace and hook INT 21h, the n they write themselves to the end of COM and EXE files that are executed or ope ned. Depending on their internal counters the viruses erase the MBR of the hard drive and then display the message:... Dialer dbnmpntw.dll Exploit.HTML.Ascii.e This exploit uses a vulnerabilit y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT ML page. It is 1315 bytes in size. It is not packed in any way. Trojan elslad.dll Trojan.BAT.Adduser.t This Trojan has a malicious payl oad. It is a BAT file. It is 1129 bytes in size. Backdoor iaspolcy.dll Backdoor.Win32.Delf.duc This malicious program i s a Trojan. It is a Windows PE EXE file. It is 447488 bytes in size. Trojan KBDHU1.DLL Trojan.Win32.Shutdowner.i This Trojan program is a Windows PE EXE file approximately 365KB in size. It is not packed in any way. Once launched, the Trojan will attempt to reboot the victim machine. It is usu ally used in conjunction with other malicious programs. Malware KBDSL.DLL Virus.DOS.Mini.60.a These are extremely primitive no n memory resident harmless viruses. They write themselves to all .COM files of t he current directory. The peculiarity of these viruses is their small length. Al l infectors contain the string "*.COM" or "*.com". The length of files getting infection by "Mini.127.b"... Malware MPG4DECD.DLL Virus.DOS.Croatia_II.560 It is a very dangerous m emory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM files that are executed. The virus deletes the CHKLIST.MS file, if it exist s. On February 12th it erases the hard drive sectors and displays the message: Croatia must be free ! (c) 1995 by... Trojan NapiNSP.dll Trojan.BAT.FormatC.z This Trojan has a malicious payl oad. It is a BAT file. It is 18 bytes in size. Dialer oleaccrc.dll Exploit.Perl.Small.a This malicious program exploits a vulnerability in web server configuration in order to propagate. It is a Perl script. It is 3437 bytes in size. Dialer printui.dll Exploit.HTML.Ascii.p This exploit uses a vulnerabilit y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT ML page. It is 1872 bytes in size. It is not packed in any way. Spyware resutils.dll Trojan-PSW.Win32.Lmir.gen This family of Trojans s teals passwords to the online game Legend of Mir. As a rule, programs belonging to this family are written in high-level programming languages such as Delphi, Visual C/C++, Visual Basic). File sizes vary, and the programs utilize a range o f methods to install themselves to... Trojan synceng.dll Trojan.JS.Offiz Simple Trojan programs written in the JS (JSript) language that reside in HTM-files. These trojan scripts open many Int ernet Explorer windows that once open can't be closed. If a user presses the Alt +F4, Ctrl or Del keys a message box is displayed with the text: "You are an id iot!". Backdoor tzutil.exe Backdoor.Win32.SdBot.at This Trojan provides a r emote malicious user to perform operations on the victim machine. It is managed via IRC. The program itself is a Windows PE DLL file. It is written in Visual C++. The file is 43 520 bytes in size, and is not packed in any way. Installa tion This backdoor will be... Spyware WlanMM.dll Trojan-PSW.Win32.Lmir.a This Trojan is designed to steal confidential data. It is a Windows PE EXE file. The size of infected files ma

y vary from 147KB to 171KB. It is packed using AsPack. It is written in Delphi. Installation Once launched, the Trojan copies itself to the Windows root dire ctory (%WinDir%) under one... Rogue wshqos.dll Virus.DOS.Exorcist.212 It is a very dangerous nonmemory resident overwriting virus. It searches for COM files, then overwrites them, an d displays the message: Bad command or file name then returns to DOS. On 1st o f any month the virus erases sectors on the C: drive. The virus also contains th e text strings: [RED... Trojan authfwcfg.dll Trojan.MSWord.Thief This Trojan uses remote template vulnerability of MS Word 97. The URL is sent to some IRC channels that contain a HTML file that automatically loads and opens an MS Word document that contains reference to another MS Word template-containing Trojan macro. MS Word opens th is template without any... Trojan d3dx9_27.dll Trojan.Win32.DNSChanger.gn This Trojan downloads ot her files via the Internet and launches them for execution on the victim machine without the user’s knowledge or consent. It is an HTML page which contai ns Visual Basic Script. It is 1445 bytes in size. Malware dsrole.dll Virus.DOS.TaiPan.Chroot.727 This is a harmless memor y-resident parasitic virus. It hooks INT 21h and writes itself to the end of EXE files that are executed. This virus infects files that are executed, opened or accessed by Get/Set File Attributes DOS call. It deletes the F-PROT anti-virus and does not infect the file... Backdoor elsTrans.dll Backdoor.Win32.Agobot.a Backdoor.Agobot (also kn own as PhatBot) is a Trojan program which provides the author/ user with remote access to the victim machine. It is managed via IRC. It has a wide range of func tionalities: will not work with a debugger running or under Vmware it can run both as a standard application and... Backdoor IDStore.dll Backdoor.Netbus This is a hidden (hacker's) remo te administration utility similar to the known Backdoor.BO (a.k.a. Back Orifice) Trojan. It allows to administrate infected computers from a remote console, to steal files, to damage installed software etc. See Backdoor.BO Trojan. Rogue KBDINBEN.DLL Virus.DOS.Mabuhay.2660.b This is a very dangerous virus. It hooks INT 21h and writes itself to the end of COM and EXE files that are executed (except COMMAND.COM). It looks like modifications of the "Jerusalem " virus. On June, 12th it displays the national flag of Philippines, the text me ssage, erases the disk sectors and... Spyware msasn1.dll Trojan-PSW.Win32.Small.ae This Trojan program is d esigned to steal user passwords. It is a Windows PE EXE file. It is 10240 byte s in size. Installation The Trojan copies its executable file to the Windows sys tem directory: %System%\winsys.dll In order to ensure that the Trojan is launch ed automatically each time the... Spyware NcdProp.dll Trojan-PSW.Win32.LdPinch.byc This Trojan is designed to steal user passwords. It is a Windows PE EXE file. The file is 43 377 bytes in size. It is written in Assembler. Backdoor NlsLexicons0045.dll Backdoor.win32.Small.cz This Trojan make s it possible for a remote malicious user to control the victim machine. The pro gram is a Windows PE EXE file 2560 bytes in size. Worm pdhui.dll Worm.Win32.Bizex This worm uses the Internet inst ant messaging system ICQ to spread via the Internet. The worm sends ICQ users a message with a URL, which is linked to a file which contains procedures to auto matically download and execute the malicious component of the worm on the victim computer. Propagation On... Worm rsaenh.dll Worm.Win32.Bizex This worm uses the Internet inst ant messaging system ICQ to spread via the Internet. The worm sends ICQ users a message with a URL, which is linked to a file which contains procedures to auto matically download and execute the malicious component of the worm on the victim computer. Propagation On... Backdoor spwmp.dll Backdoor.Win32.Kbot.al This Trojan provides a r emote malicious user with access to the victim machine. It is a Windows PE EXE file. It is 12787 bytes in size. Installation Once launched, the backdoor copie

s its executable file to the Windows system directory: %System%\mssrv32.exe The backdoor then creates a service... Malware UIRibbonRes.dll Virus.DOS.Clone.833 This is a harmless companion vir us. It creates COM files with the same name as EXE file if found, and writes its elf into this COM file. This a memory resident virus. It hooks INT 21h, and hit s .EXE files that are executed. In April,0, the virus types: Your PC is Cloned! ! It also contains the... Dialer WindowsCodecsExt.dll Exploit.HTML.Ascii.e This exploit uses a vuln erability in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HTML page. It is 1315 bytes in size. It is not packed in any way. Rogue xpssvcs.dll Virus.DOS.Zerobug.1536.a It is a memory resident not dangerous virus which inserts itself into COM-files beginning at their creat ing: the infector hooks INT 21h, f.3Ch, creates the file, writes its body into t his file and returns the control back to the program that called this function. And then that program appends the...

You might also like