TrojanDownloader:Win32/Zlob.gen!AR is generic detection for a component of the greater Win32/Zlob malware family. Win32/Zlob refers to a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.

Trojan:Win32/Busky.EE is a trojan that generates 'out of context' pop-up advertisements. It may connect to a remote Web server to download updates or other arbitrary files, and use stealth methods to make it difficult to remove.

TrojanDownloader:Win32/Zlob.gen!I is a generic detection for a component of the greater Win32/Zlob malware family. Win32/Zlob refers to a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.

TrojanDownloader:Win32/Zlob.IB is generic detection for a component of the Win32/Zlob malware family. Win32/Zlob refers to a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.

Windows Defender Antivirus detects and removes this threat.

 

Win32/Busky is a family of Trojans that monitor and redirect Internet traffic, gather system information and download unwanted software such as Win32/Renos and Win32/SpySheriff. Win32/Busky may be installed by a Web browser exploit or other vulnerability when visiting a malicious Web site.

Trojan:Win32/Fotomoto.A is a Trojan that lowers security settings, delivers advertisements, and sends system and network configuration details to a remote Web site.

Backdoor:Win32/Rbot.NC is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include (but are not limited to) instructions to spread to other computers via open network shares or by exploiting a vulnerability, or to launch denial of service (DoS) attacks against specified targets.

Win32/Busky is a family of Trojans that monitor and redirect Internet traffic, gather system information and download unwanted software such as Win32/Renos and Win32/SpySheriff. Win32/Busky may be installed by a Web browser exploit or other vulnerability when visiting a malicious Web site.

TrojanDropper:Win32/Busky.gen is a dropper component of the Win32/Busky family of Trojans. The Win32/Busky Trojans monitor and redirect Internet traffic, gather system information and download unwanted software such as Win32/Renos and Win32/SpySheriff. Win32/Busky may be installed by a Web browser exploit or other vulnerability when visiting a malicious Web site.

Win32/Busky is a family of Trojans that monitor and redirect Internet traffic, gather system information and download unwanted software such as Win32/Renos and Win32/SpySheriff. Win32/Busky may be installed by a Web browser exploit or other vulnerability when visiting a malicious Web site.

Trojan:Win32/Conhook.D attempts to download content from a remote Web site. Trojan:Win32/Conhook.D injects its code into running processes which could, depending on configuration, allow the Trojan to bypass permission-based firewalls in order to gain Internet access.

Spammer:Win32/Nuwar.A!dll is a component of the Win32/Nuwar Trojan family, and is used to relay e-mails. E-mail messages are sent in various formats, commonly containing a hyperlink to a remote Web site hosting Win32/Nuwar Trojan files.

Backdoor:Win32/Agent.RL is a backdoor Trojan that runs as a process at Windows startup, and may contact a remote Web server to notify attackers of the Trojan installation. Agent.RL may download additional programs or malware.

Worm:Win32/Moriogu.A is a worm that spreads via network drives. It also modifies various system settings, including the system boot menu.

TrojanDownloader:JS/Psyme.gen exploits a vulnerability known as the Navigation Method Cross-Domain Vulnerability, in the Web browser Internet Explorer to execute malicious Javascript. This malicious Javascript is commonly used to download and execute other malware onto the system. 

Backdoor:Win32/VB.CCB is a worm that spreads via network drives. It also modifies various system settings, including the system boot menu.

Win32/Fotomoto is a Trojan that lowers security settings, delivers advertisements, and sends system and network configuration details to a remote Web site.

Trojan:Win32/Vundo.gen!A is a generic detection for a multi-component family of programs that deliver 'out of context' pop-up advertisements to the computer on which they are installed and may download and execute arbitrary files. Vundo may exist on a computer as a dynamic link library (DLL) or as an executable. Some variants function as Browser Helper Objects (BHOs). It may also use defensive methods to make itself difficult to remove from the affected machine.