Microsoft Security Intelligence
168 entries found. Displaying page 4 of 9.
Updated on Jun 12, 2009
VirTool:WinNT/Divapad.A is the malicious driver component of, and is dropped and installed by, TrojanDropper:Win32/Divapad.A. It logs network traffic.
Alert level: severe
Updated on Jan 08, 2010
Trojan:WinNT/Bubnix.D is a kernel mode trojan that masks its presence on an affected computer by blocking registry and file access to itself. The trojan may report its installation to a remote server and download and execute arbitrary files.
Alert level: severe
Updated on Feb 08, 2010
Trojan:Win32/Cryptrun.B!sys is a malicious device driver file that drops Trojan:Win32/Cryptrun.B from a malicious .hlp file. It runs at system start.
Alert level: severe
Updated on Mar 22, 2010
Trojan:WinNT/Omexo.D is the detection for a malicious kernel mode driver that uses obfuscation techniques to hide its presence on an affected computer. It installs other malware into the computer, and it may be installed by a malware dropper.
Alert level: severe
Updated on Aug 03, 2011

HackTool:WinNT/Tcpz.C is a device driver that modifies the Windows TCP/IP stack device driver to change the concurrent TCP connection attempts limit.

Alert level: high
Updated on Jun 03, 2012

Trojan:Win64/Sirefef.W is the 64-bit user-mode component of Win32/Sirefef, a multi-component family of malware that moderates your Internet experience by modifying search results and generating pay-per-click advertising revenue for its controllers. The family consists of multiple parts that perform different functions, such as downloading updates and additional components, hiding existing components, or executing a payload.

Alert level: severe
Updated on Jul 19, 2010
Worm:Win32/Stuxnet.B is the detection for a worm that spreads to all removable drives. It does this by dropping exploit shortcut files (files having .LNK file extension) that automatically run when the removable drive is accessed using an application that displays shortcut icons (for example, Windows Explorer). The shortcut files are detected as Exploit:Win32/CplLnk.A.
 
The worm is capable of dropping and installing other components, injecting code into currently-running processes, and allowing backdoor access and control to the infected computer.
Alert level: severe
Updated on Dec 07, 2006
Alert level: severe
Updated on Oct 17, 2008
Trojan:WinNT/Tibs.gen!A is generic detection for drivers used across multiple pieces of malware affiliated with the 'Tibs' malware distribution network. WinNT/Tibs malware uses rootkit methods to hide its presence on an infected computer.
Alert level: severe
Updated on Mar 05, 2009
Backdoor:WinNT/Syzor.A is a backdoor trojan that may be dropped by other malware. It may collect system information and log keystrokes, and hooks certain functions to hinder its detection and removal.
Alert level: severe
Updated on Apr 12, 2010

Windows Defender detects this threat.

This virus is part of the Win32/Alureon family of data-stealing malware. Members of this family can give a malicious hacker access to your confidential information, such as your user names, passwords, and credit card data.

They can also send malicious data to your PC and corrupt some driver files, making them unusable.
 
Alert level: severe
Updated on Aug 26, 2010
TrojanDropper:Win32/Resmu.A is a trojan that drops other malware onto the computer.
Alert level: severe
Updated on Jan 18, 2011
Trojan:Win32/WebHijack.A!sys is a kernel-mode driver that redirects Internet search requests to display unsolicited advertisements and accumulate per-click revenue.
Alert level: severe
Updated on Sep 07, 2011

Trojan:WinNT/Wador.A is malware installed as a Windows NT driver that writes code to certain versions of BIOS.

Alert level: severe
Updated on Oct 14, 2011
Trojan:WinNT/Duqu.A is a malware component of Win32/Duqu, a trojan that allows unauthorized remote access and control of an affected computer. This trojan component injects payload instructions, detected as Trojan:Win32/Duqu.A, into other processes.
Alert level: severe
Updated on Oct 19, 2011

Trojan:WinNT/Duqu.B is a variant of WinNT/Duqu, a trojan that could allow unauthorized remote access and control of an affected computer. This trojan component injects payload instructions, detected as Trojan:Win32/Duqu.A, into other processes.

Alert level: severe
Updated on Nov 16, 2010
VirTool:WinNT/Koobface.P is a device driver used by variants of Win32/Koobface to divert web traffic to a web search hijacker component.
Alert level: severe
Updated on Dec 31, 2013

Windows Defender detects and removes this threat.

DOS/Ramnit.A is the malicious Master Boot Record (MBR) dropped by variants of the Ramnit family, in particular, Virus:Win32/Ramnit.AC.

Alert level: severe
Updated on Dec 07, 2006
Alert level: severe
Updated on Jul 10, 2009
VirTool:WinNT/FURootkit.gen!B is a generic detection for a rootkit device driver component. It modifies system kernel structures to hide and raise the privilege of any process.
Alert level: severe