PWS:Win32/Lineage.CC is a password stealing trojan that targets popular online games. It may drop and load a payload component that performs the data theft, and a rootkit component that hides the trojan and its associated components from the affected user.

Cutwail is a trojan which is able to download and executes arbitrary files. Downloaded files may be executed from disk or injected directly into another process. Whilst the functionality of the files that are downloaded may change, Cutwail usually downloads a trojan which is able to send spam. Cutwail also employs rootkit and other defensive techniques to avoid detection and removal.

 

VirTool:WinNT/Cutwail.K is a device driver component (rootkit) used by Cutwail malware family.

It contains functionality to modify the system's winlogon.exe.

VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.

VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.

VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.

VirTool:Win32/CeeInject.gen!CA is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.

VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.

VirTool:Win32/CeeInject.gen!DI is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.

VirTool:Win32/VBInject.gen!FF is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.

VirTool:Win32/Ceeinject.gen!DV is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.

VirTool:Win32/Vbcrypt.BZ is a detection for executables written in Visual Basic (VB), that embed other malicious components by encrypting them inside their code. Their main objective is to hide the embedded malicious components from users and avoid detection and removal by antivirus solutions.

VirTool:Win32/Vbcrypt.CG is a detection for executables written in Visual Basic (VB), that embed other malicious components by encrypting them inside their code. Their main objective is to hide the embedded malicious components from users and avoid detection and removal by antivirus solutions.

This detection is for suboptimal configurations that may prevent Microsoft Defender Antivirus from functioning properly.

If you see this detection, a suboptimal configuration was detected, and Microsoft Defender Antivirus will auto-heal by automatically resetting to more secure configurations.

VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by antivirus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.

VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by antivirus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.

VirTool:Win32/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by antivirus scanners. They commonly employ a combination of methods including encryption, compression, anti-debugging and anti-emulation techniques.

VirTool:WinNT/Haxdoor.A is a kernel-mode rootkit-enabled Trojan that allows remote control of the infected machine over the Internet. The Trojan contains instructions that allow it to disable certain antivirus programs and firewall applications, log keystrokes, allow remote connections, lower security settings or perform other unwanted actions. VirTool:WinNT/Haxdoor.A gathers user and system information and sends it to a third party.

VirTool:Win32/Injector.BJ is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.