Backdoor:Win32/Smadow.gen!B is a generic detection for malware that can perform different actions, such as executing other malware. The executed malware may be detected as TrojanDropper:Win32/Sirefef.B or Trojan:Win32/Sirefef.

Win32/Mywife.E@mm is a mass-mailing network worm that targets certain versions of Microsoft Windows. The worm spreads through e-mail attachments and writeable network shares. It is expected to corrupt the content of specific files on the third day of every month.

 

This threat has been assigned CME identifier CME-24. It will be detected as Win32/Mywife.E@mm!CME-24.

Trojan:Win32/Goweh.A is a Trojan that alters several settings in Internet Explorer, changing the home page and redirecting search queries and traffic to other Web pages. Win32/Goweh.A is usually installed by another Trojan dropper or downloader.

Trojan:Win32/Agent!246A is an Internet Explorer Browser Helper Object (BHO) implemented as a DLL plug-in that allows attackers to customize and control Internet Explorer.

Trojan:Win32/Apropos.B is a Trojan that may be installed by Trojan dropper Trojan:Win32/Apropos.B.dr on computers running Microsoft Windows. The Trojan dropper also installs rootkit VirTool:WinNT/Zufyx.A, which hides Trojan:Win32/Apropos.B. Trojan:Win32/Apropos.B connects to certain servers from the infected computer to receive commands from attackers.   

Trojan:Win32/Alureon.gen!B is generic detection for a trojan that may help an attacker intercept inbound and outbound Internet traffic from the host computer. This may allow an attacker to capture confidential information such as user names, passwords, and credit card data. The trojan may also enable an attacker to transmit malicious data to the infected computer. Trojan:Win32/Alureon.gen!B may modify DNS settings on the host computer to enable the attacker to perform malicious tasks. Therefore it may be necessary to reconfigure DNS settings after the trojan is removed from the computer.

Trojan:Win32/Agent.B is a Trojan that redirects Web traffic and manipulates certain Windows applications. Trojan:Win32/Agent.B may install other unwanted software, or may be bundled with other unwanted software.

Trojan:Win32/Tibs.DV is a Trojan that allows unauthorized access to an infected computer. The Trojan receives commands indirectly from a remote attacker via its connection to a malicious peer-to-peer network. This Trojan also contains advanced stealth functionality that allows it to hide particular files, folders and processes.

Win32/Nsag.B is a data-stealing Trojan. The Trojan is created when certain code is injected into wininet.dll, which is a Windows system file. When a user tries to send data to a Web site, code in Win32/Nsag.B may cause code in another malicious DLL on the computer to capture the user data and send it to an attacker.

Win32/Valla.2048 is a virus that appends itself to executable files on an infected computer.

Win32/Vulgar.A is a file infector that may overwrite files on local or mapped drives.

Trojan:Win32/Bube.G is a Trojan that lowers security settings stored in the registry, attempts to download programs from a remote Web site and disables features in the Windows Security Center.

Trojan:Win32/Delf.M!CME-96 is a user-mode rootkit that hides its own presence on the system, as well as hiding the presence of other malicious software to which it may be associated.

Trojan:Win32/StartPage.TC is a browser-modifying Trojan that targets certain versions of Microsoft Windows and Internet Explorer. The Trojan changes the current Internet Explorer settings, specifying a different Web site as the home page or search page.

Trojan:Win32/Goweh.C is a Trojan that alters several settings in Internet Explorer. It changes the home page and redirects search queries and traffic to other Web pages. Win32/Goweh.C is usually installed on a computer by another Trojan dropper or downloader.

Trojan:Java/Classloader is a malicious Java applet that exploits a vulnerability in certain unpatched versions of Microsoft virtual machine (Microsoft VM). Details on the vulnerability can be found in Microsoft Security Bulletin MS03-011 at http://www.microsoft.com/technet/security/Bulletin/MS03-011.mspx

Trojan:HTML/Bankfraud.M is generic detection for email that contains malicious links to known phishing sites. Phishing sites are designed to look like legitimate bank or ecommerce sites. Users who visit these sites and enter their login credentials risk having their credentials exposed to attackers.

Trojan:Win32/Adialer.OP is a Trojan dialer that connects to remote hosts without user consent. The Trojan consists of an installer, and an installed DLL, identified as Trojan:Win32/Adialer.OP!dll. The Trojan may connect to a remote Web site to download data, and may connect to UDP ports 3010 or 3011.

Trojan:Win32/Startpage.TE is a destructive Trojan that targets certain versions of Microsoft Windows. The Trojan sets the Internet Explorer default home page to a malicious URL when any user logs on to an infected computer.

Trojan:Win32/Advhost.A is an advertising application downloader.