TrojanDownloader:HTML/Iframe.F is the detection for HTML files that are loaded when a user visits certain websites. These may be found in webpages from servers that have been compromised by SQL injection attacks.

TrojanDropper:Win32/Ilomo is a trojan that drops another malware, detected as Trojan:Win32/Ilomo.gen!A, in the system. In the wild, this trojan has been observed to be installed by Javascript malware, such as Exploit:JS/Mult.K.

Trojan:Win32/Conhook.C attempts to download content from a remote Web site. Trojan:Win32/Conhook.C injects its code into running processes which could, depending on configuration, allow the Trojan to bypass permission-based firewalls in order to gain Internet access.

Trojan:Win32/Zlob.ZWC is a component of the greater Win32/Zlob malware family. Win32/Zlob is a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.

Trojan:Win32/Goweh.F is a Trojan that alters several settings in Internet Explorer. It changes the default home page and redirects search queries and traffic to other Web pages. Win32/Goweh.E is normally installed on a computer by another Trojan dropper or downloader.

Trojan:Win32/Alemod.E.dr is a Trojan dropper and data-stealing Trojan. Trojan:Win32/Alemod.E.dr infects wininet.dll; Microsoft detects the infected wininet.dll file as Win32/Nsag.B. The dropper installs Trojan:Win32/Alemod.E and Trojan:Win32/Alemod.E.dll. Together these Trojans perform operations such as capturing data from outbound user Web traffic and displaying a hyperlink and dropping shortcuts to the infected user's desktop. These shortcuts may point to spyware-related Web sites. For more information, see the encyclopedia entry for Win32/Alemod at
http://www.microsoft.com/security/encyclopedia/details.aspx?Name=Win32/Alemod

Trojan:Win32/Delf.M is a user-mode rootkit that hides its own presence on the system, as well as hiding the presence of other malicious software to which it may be associated. This trojan will be detected by Microsoft as Trojan:Win32/Delf.M!CME-96.

Trojan:Win32/Fotomoto.A is a Trojan that lowers security settings, delivers advertisements, and sends system and network configuration details to a remote Web site.

Trojan:Win32/Goweh.D is a Trojan that alters several settings in Internet Explorer. It changes the home page and redirects search queries and traffic to other Web pages. Win32/Goweh.D is usually installed on a computer by another Trojan dropper or downloader.

Trojan:Win32/Alemod.C.dr is a Trojan dropper and data-stealing Trojan. Trojan:Win32/Alemod.C.dr infects wininet.dll; Microsoft detects the infected wininet.dll file as Win32/Nsag.B. The dropper installs Trojan:Win32/Alemod.C and Trojan:Win32/Alemod.C.dll. Together these Trojans perform operations such as capturing data from outbound user Web traffic and displaying a hyperlink and dropping shortcuts to the infected user's desktop. These shortcuts may point to spyware-related Web sites.

Trojan:Java/Classloader.C is a malicious Java applet that can infect Microsoft Windows computers that are not patched with Microsoft Security Update MS03-011. An attacker can insert the Java applet into HTML code and host the code on a Web server or send the code in e-mail. When a user opens the Web page or e-mail, the vulnerability allows the applet to bypass a security check on the computer. The applet can then run malicious code on the computer and open a backdoor to receive commands from attackers.

Trojan:Win32/Stresid downloads files from remote websites, may install as a browser helper object (BHO), and displays pop-up advertising on affected users’ systems. Some variants of Trojan:Win32/Stresid have been bundled with rootkits that hide its presence on the system. Trojan:Win32/Stresid drops a randomly named executable to the temp directory and a randomly named dll to the Windows directory.

Trojan:Win32/Startpage.TD is a destructive Trojan that redirects Internet Explorer search-related pages to a fixed Web site.  It also adds URLs to the Internet Explorer Favorites list and opens Web pages from another fixed Web site. 

Trojan:Win32/Goweh.B is a Trojan that alters several settings in Internet Explorer, changing the home page and redirecting search queries and traffic to other Web pages. Win32/Goweh.B is usually installed on a computer by another Trojan dropper or downloader.

Trojan:Win32/Virtumonde.M is a Trojan that installs itself as a Browser Helper Object (BHO) and generates popup advertisements on a user's desktop. This trojan, which takes the form of a DLL, is injected into EXPLORER.EXE by other, additional malware. Advertisements may appear as visible windows or may be hidden from view.

Trojan:Win32/Agent.AGA is a Trojan lowers security settings, disables System File Checker, and connects to a remote Web site periodically.

Trojan:Java/Classloader.D is a malicious Java applet that can infect Microsoft Windows computers that are not patched with Microsoft Security Update MS03-011. An attacker can insert the Java applet into HTML code and host the code on a Web server or send the code in e-mail. When a user opens the malicious Web page or e-mail, the vulnerability allows the applet to bypass a security check on the computer. The applet can then run malicious code on the computer and open a backdoor to receive commands from attackers.

Trojan:Win32/Agent.AGB is a hacking tool designed to supply attackers with "Captcha" translations. The tool is designed to submit Captcha samples to a collection server.

 

Captcha is an acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart". The main purpose for using Captcha is for human-authentication; it is used as a deterrent for attackers using automated methods of logging into chat rooms, or forums to post spam messages and advertisements.