TrojanDownloader:Win32/Renos.LX is a generic detection for a family of trojans that connect to certain websites in order to download arbitrary files. This may include other TrojanDownloader:Win32/Renos components, and rogue antivirus software such as Trojan:Win32/FakeSecSen or Trojan:Win32/FakeXPA.

TrojanDropper:Win32/Agent.FO is a trojan that reports its installation to a remote server, captures local system information and monitors web browsing activities.

Worm:Win32/Pushbot.VD is a worm that may spread to network drives as a file named "moco.exe". The worm contains backdoor functionality that allows unauthorized access and control of an affected machine. The worm may be instructed to spread via MSN Messenger and block access to web email services.

TrojanDownloader:Win32/Kuluoz.A is a trojan that attempts to connect your computer to a remote server so it receives and performs instructions, such as to download and execute files. This trojan has been observed to download variants of Trojan:Win32/FakeSysdef, a rogue security scanner.

Windows Defender Antivirus detects and removes this threat.  

This trojan tries to connect your PC to a remote server to receive instructions from a malicious hacker. The hacker can then tell the trojan to perform any number of actions, including to download and run files. We have seen this trojan download variants of the rogue security scanner Rogue:Win32/Winwebsec.

There is more information in the Win32/Kuluoz family description.

Worm:Win32/Mybandok.A is a worm that spreads via e-mail. It has backdoor functionalities and attempts to download files from certain Web sites.

Trojan:Win32/Dursg is a trojan that redirects web search queries to a malicious URL to display advertisements or download other malware.

Backdoor:Win32/Mocbot.AF is an IRC trojan that connects to an IRC channel and awaits commands  from remote attackers. When instructed, Backdoor:Win32/Mocbot.AF begins searching the local network for systems which have not yet applied the Microsoft Windows Server service security patch described in Microsoft Security Bulletin MS08-067. The trojan also includes the ability to send messages via AOL Instant Messenger (AIM) and ICQ.

 

Backdoor:Win32/Mocbot.AF may lower security settings on infected systems and allows the system to be used for nefarious purposes, such as launching a denial of service (DoS) attack against others. Backdoor:Win32/Mocbot.AF includes the ability to download other files, thus the trojan could update its functionality or download additional malicious software to infected systems.

 

Worm:Win32/Slenfbot.ZD is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.

PWS:Win32/Zbot.SZ is a detection for a password stealer and remote access trojan. The trojan is installed by other malware.

Windows Defender Antivirus detects and removes this threat.

 

This threat can give a malicious hacker access to your PC.

 

It can be installed when you visit a hacked or malicious web page.

 

See the Win32/Ramnit family description for more information on this type of threat.

 

Find out ways that malware can get on your PC.