This dynamic-link library (DLL) file is dropped by variants of Backdoor:Win32/Berbew. See the parent variant list for more information.

Worm:Win32/Slenfbot.AA is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.

TrojanDownloader:Win32/Small.gen!AA is a program that silently downloads and executes arbitrary files without the affected user’s consent. Installation details and the files downloaded and executed may vary from instance to instance of this detection.

Virus:Win32/Virut.AA is a file infector that targets .EXE and .SCR files. It also opens a backdoor by connecting to an IRC server, allowing a remote attacker to download and execute arbitrary files on the infected computer.

Backdoor:Win32/Hackdef.AA is a backdoor Trojan that is distributed in various ways to computers running certain versions of Microsoft Windows. This Trojan is a user-mode rootkit. It creates, alters, and hides Windows system resources and can hide proxy services and backdoor functionality. It can also conceal use of TCP and UDP ports for receiving commands from attackers.

Exploit:Java/CVE-2010-0840.AA is the detection for an obfuscated malicious Java class applet component that exploits the vulnerability described in CVE-2010-0840. Successful exploitation leads to remote code execution.

Windows Defender detects and removes this threat.

This threat can collect your sensitive information and send it to a malicious hacker.

Find out ways that malware can get on your PC.

VirTool:Win32/DelfInject.AA is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.

Win32/Mydoom.AA@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor.

TrojanProxy:Win32/Mitglieder.AA is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan injects its code into the Windows Explorer process explorer.exe. The Trojan monitors a randomly chosen TCP port for commands from attackers. Attackers can use the computer as a Web and SMTP proxy. 

This software threat is detected and removed by the Malicious Software Removal Tool. For more information, see the parent variant.

Worm:AutoIt/Autorun.AA is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Variants of Worm:Win32/Autorun usually spread using methods that include, but may not be limited to, copying themselves to removable or network drives, and placing an autorun.inf file in the root directory of each affected drive in an attempt to ensure that the worm is run when the removable drive is attached, or the network drive is visited from a remote system supporting the Autorun feature.

VirTool:Win32/CeeInject.AA is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.

This detection covers some variants of malware that is also detected as Backdoor:Qakbot.gen!A. See that description for more information.

VirTool:Win32/VBInject.AA is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.