Win32/Mydoom.AA@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor.

VirTool:Win32/Injector.AA is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.

This software threat is detected and removed by the Malicious Software Removal Tool. For more information, see the parent variant.

Worm:Win32/Roron.AA@mm is a worm that attempts to send personal information to a remote address. It may spread via e-mail, network shares, or peer-to-peer file sharing.

This dynamic-link library (DLL) file is dropped by variants of Backdoor:Win32/Berbew. See the parent variant list for more information.

Worm:Win32/Slenfbot.AA is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.

TrojanDownloader:Win32/Small.gen!AA is a program that silently downloads and executes arbitrary files without the affected user’s consent. Installation details and the files downloaded and executed may vary from instance to instance of this detection.

Virus:Win32/Virut.AA is a file infector that targets .EXE and .SCR files. It also opens a backdoor by connecting to an IRC server, allowing a remote attacker to download and execute arbitrary files on the infected computer.

Worm:Win32/Hamweq.AA is a worm that spreads via removable drives, such as USB memory sticks. It contains an IRC-based backdoor, which may be used by a remote attacker to order the affected machine to participate in Distributed Denial of Service attacks, or to download and execute arbitrary files.

TrojanProxy:Win32/Mitglieder.AA is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan injects its code into the Windows Explorer process explorer.exe. The Trojan monitors a randomly chosen TCP port for commands from attackers. Attackers can use the computer as a Web and SMTP proxy. 

Worm:Win32/Taterf.AA is a worm that spreads via mapped drives in order to steal login and account details for popular online games.

Trojan:Win64/Sirefef.AA is a user-mode component of the Sirefef malware family and runs on the 64-bit version of Windows. Sirefef is a multi-component family that performs different functions, such as downloading updates and additional Sirefef components, hiding existing Sirefef components or performing a payload. This malware moderates your Internet experience by changing search results, and generating pay-per-click advertising revenue for the malware controllers.

For more information about the Sirefef family, see the description for Win32/Sirefef elsewhere in the encyclopedia.

Trojan:Win32/Tracur.AA is a trojan that silently downloads and installs other programs without consent. It could install additional malware or malware components to an affected computer.

TrojanDownloader:Win32/Bredolab.AA is a trojan that downloads and executes other malware from a remote server.

Backdoor:Win32/Hackdef.AA is a backdoor Trojan that is distributed in various ways to computers running certain versions of Microsoft Windows. This Trojan is a user-mode rootkit. It creates, alters, and hides Windows system resources and can hide proxy services and backdoor functionality. It can also conceal use of TCP and UDP ports for receiving commands from attackers.