Backdoor:Win32/Berbew.AY is a backdoor Trojan that targets computers running Microsoft Windows 2000 and Windows XP. The Trojan is downloaded to a computer by another downloader Trojan that is sent by e-mail. Backdoor:Win32/Berbew.AY retrieves passwords and sends them to a Web site. It also monitors certain TCP ports for incoming messages.

Backdoor:Win32/Beastdoor.DL is a trojan that allows unauthorized remote access and control to the affected computer. It also modifies certain settings on the computer.

Backdoor:Win32/Rbot.NF is a backdoor Trojan that runs in the background, gathers software installation and computer configuration details, and connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Worm:Win32/Slenfbot.AX is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.

Worm:Win32/RJump is a worm that attempts to spread by copying itself to newly attached media (such as USB memory devices or network drives). It also contains backdoor functionality that allows an attacker unauthorized access to an affected machine.

Backdoor:Win32/Rbot.gen is a generic detection for a family of backdoor trojans that allows attackers to control infected computers. After a computer is infected, the trojan connects to a specific IRC server and joins a specific channel to receive commands from attackers. Commands can instruct the trojan to spread to other computers by scanning for network shares with weak passwords, exploiting Windows vulnerabilities, and spreading through backdoor ports opened by other families of malicious software. The trojan can also allow attackers to perform other backdoor functions, such as launching denial of service (DoS) attacks and retrieving system information from infected computers.

Worm:Win32/Flibot.gen!A is a backdoor trojan that allows an attacker remote access to download arbitrary files.

Backdoor:Win32/Berbew.B is a backdoor Trojan that downloads to a computer by another downloader Trojan that is sent in e-mail. Backdoor:Win32/Berbew.B retrieves locally cached password and sends them to a Web site. The Trojan opens certain ports.

Backdoor:Win32/Berbew.AL is a backdoor Trojan that downloads to a computer by another downloader Trojan that is sent in e-mail. Backdoor:Win32/Berbew.AL retrieves locally cached passwords and sends them to a Web site. It also opens certain ports.

Backdoor:Win32/Rbot.KN is an IRC controlled backdoor which allows a remote attacker to request that it perform a wide range of activities on the affected system, including downloading and executing arbitrary files, stealing information, deleting files, terminating processes, running servers, and sending e-mail messages. It may spread via network shares with weak passwords, or by exploiting security vulnerabilities on a targeted system. It has been observed to be installed by Worm:Win32/Pobtiz variants.

Backdoor:Win32/Haxdoor.DK is a backdoor Trojan that allows remote control of the machine over the Internet. The Trojan is rootkit-enabled, allowing it to hide processes and files related to the threat. Backdoor:Win32/Haxdoor.DK lowers security settings on the computer, gathers user and system information and sends it to a third party

Backdoor:Win32/Haxdoor.IF is a backdoor Trojan that allows remote control of the machine over the Internet. The Trojan is rootkit-enabled, allowing it to hide processes and files related to the threat. Backdoor:Win32/Haxdoor.IF lowers security settings on the computer, gathers user and system information and sends it to a third party

Backdoor:Win32/Rustock is a rootkit-enabled proxy trojan used to send large volumes of spam from infected computers. The trojan consists of a user mode installer and a kernel mode rootkit driver. The rootkit driver hides registry keys, files, TCP ports and memory objects and also hides itself from applications containing the following strings: RootkitReveller, BlackLight, Rkdetector, Gmer, Endoscope, DarkSpy, Anti-rootkit.

Backdoor:Win32/Rustock is a rootkit-enabled proxy trojan used to send large volumes of spam from infected computers. The trojan consists of a user mode installer and a kernel mode rootkit driver. The rootkit driver hides registry keys, files, TCP ports and memory objects and also hides itself from applications containing the following strings: RootkitReveller, BlackLight, Rkdetector, Gmer, Endoscope, DarkSpy, Anti-rootkit.

Win32/Rustock is a multi-component family of rootkit-enabled backdoor trojans, which were historically developed to aid in the distribution of 'spam' e-mail. First discovered sometime in early 2006, Rustock has evolved to become a prevalent and pervasive threat. Recent variants appear to be associated with the incidence of rogue security programs.

Backdoor:Win32/Rustock is a rootkit-enabled proxy trojan used to send large volumes of spam from infected computers. The trojan consists of a user mode installer and a kernel mode rootkit driver. The rootkit driver hides registry keys, files, TCP ports and memory objects and also hides itself from applications containing the following strings: RootkitReveller, BlackLight, Rkdetector, Gmer, Endoscope, DarkSpy, Anti-rootkit.

Backdoor:WinNT/Rustock is a rootkit-enabled proxy trojan used to send large volumes of spam from infected computers. The trojan consists of a user mode installer and a kernel mode rootkit driver. The rootkit driver hides registry keys, files, TCP ports and memory objects and also hides itself from applications containing the following strings: RootkitReveller, BlackLight, Rkdetector, Gmer, Endoscope, DarkSpy, Anti-rootkit.

Backdoor:Win32/Rustock is a rootkit-enabled proxy trojan used to send large volumes of spam from infected computers. The trojan consists of a user mode installer and a kernel mode rootkit driver. The rootkit driver hides registry keys, files, TCP ports and memory objects and also hides itself from applications containing the following strings: RootkitReveller, BlackLight, Rkdetector, Gmer, Endoscope, DarkSpy, Anti-rootkit.