855 entries found.
Displaying page 5
of 43.
VirTool:Win32/Rustock.A
Updated on Jan 18, 2007
VirTool:Win32/Rustock is a rootkit-enabled proxy trojan used to send large volumes of spam from infected computers. The trojan consists of a user mode installer and a kernel mode rootkit driver. The rootkit driver hides registry keys, files, TCP ports and memory objects and also hides itself from applications containing the following strings: RootkitReveller, BlackLight, Rkdetector, Gmer, Endoscope, DarkSpy, Anti-rootkit.
Alert level:
high
Backdoor:Win32/Rustock
Updated on Mar 25, 2007
Win32/Rustock is a family of rootkit-enabled backdoor trojans used to send large volumes of spam from infected computers. The trojan consists of a user mode installer and a kernel mode rootkit driver. The rootkit driver hides registry keys, files, TCP ports and memory objects and also hides itself from applications containing the following strings: RootkitReveller, BlackLight, Rkdetector, Gmer, Endoscope, DarkSpy, Anti-rootkit.
Alert level:
severe
Win32/Rustock.A!gen
Updated on Mar 25, 2007
Backdoor:Win32/Rustock is a rootkit-enabled proxy trojan used to send large volumes of spam from infected computers. The trojan consists of a user mode installer and a kernel mode rootkit driver. The rootkit driver hides registry keys, files, TCP ports and memory objects and also hides itself from applications containing the following strings: RootkitReveller, BlackLight, Rkdetector, Gmer, Endoscope, DarkSpy, Anti-rootkit.
Alert level:
high
Win32/Rustock.B!gen
Updated on Mar 25, 2007
Backdoor:Win32/Rustock is a rootkit-enabled proxy trojan used to send large volumes of spam from infected computers. The trojan consists of a user mode installer and a kernel mode rootkit driver. The rootkit driver hides registry keys, files, TCP ports and memory objects and also hides itself from applications containing the following strings: RootkitReveller, BlackLight, Rkdetector, Gmer, Endoscope, DarkSpy, Anti-rootkit.
Alert level:
high
Backdoor:Win32/Haxdoor.DK.dr
Updated on May 04, 2007
Backdoor:Win32/Haxdoor.DK is a backdoor Trojan that allows remote control of the machine over the Internet. The Trojan is rootkit-enabled, allowing it to hide processes and files related to the threat. Backdoor:Win32/Haxdoor.DK lowers security settings on the computer, gathers user and system information and sends it to a third party
Alert level:
severe
Backdoor:Win32/Haxdoor.IF.dll
Updated on May 04, 2007
Backdoor:Win32/Haxdoor.IF is a backdoor Trojan that allows remote control of the machine over the Internet. The Trojan is rootkit-enabled, allowing it to hide processes and files related to the threat. Backdoor:Win32/Haxdoor.IF lowers security settings on the computer, gathers user and system information and sends it to a third party
Alert level:
severe
VirTool:WinNT/Haxdoor.B
Updated on May 09, 2007
VirTool:WinNT/Haxdoor.B is a kernel-mode rootkit-enabled Trojan that allows remote control of the infected machine over the Internet. The Trojan contains instructions that allow it to disable certain antivirus programs and firewall applications, log keystrokes, allow remote connections, lower security settings or perform other unwanted actions. VirTool:WinNT/Haxdoor.B gathers user and system information and sends it to a third party.
Alert level:
severe
VirTool:WinNT/Haxdoor.A
Updated on May 09, 2007
VirTool:WinNT/Haxdoor.A is a kernel-mode rootkit-enabled Trojan that allows remote control of the infected machine over the Internet. The Trojan contains instructions that allow it to disable certain antivirus programs and firewall applications, log keystrokes, allow remote connections, lower security settings or perform other unwanted actions. VirTool:WinNT/Haxdoor.A gathers user and system information and sends it to a third party.
Alert level:
severe
Trojan:Win32/Alureon
Updated on May 17, 2007
Windows Defender Antivirus detects and removes this threat.
This threat is a dropper component of the Win32/Alureon family of trojans. It installs a driver, which is detected as Trojan:WinNT/Alureon.L, and connects to a server to send information about your PC to a malicious hacker.
Alert level:
severe
Backdoor:Win32/PcClient.Z
Updated on Aug 30, 2007
Backdoor:Win32/PcClient.Z is a backdoor trojan with several components including a keylogger, backdoor, and a rootkit. It is usually disguised as or packaged with legitimate applications.
Alert level:
severe
Backdoor:Win32/Bifrose.ACI
Updated on Oct 26, 2007
Backdoor:Win32/Bifrose.ACI is a backdoor Trojan that allows a remote attacker to access to the compromised computer, and injects its processes into the Windows shell and Internet Explorer.
Alert level:
severe
Worm:Win32/Slenfbot.AO
Updated on Nov 28, 2007
Worm:Win32/Slenfbot.AO is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level:
severe
Worm:Win32/Slenfbot.AT
Updated on Jan 07, 2008
Worm:Win32/Slenfbot.AT is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level:
severe
Backdoor:Win32/Oderoor.gen!B
Updated on Jan 17, 2008
Backdoor:Win32/Oderoor.gen!B is a backdoor Trojan that allows an attacker access to the compromised computer. This Trojan may connect with remote Web sites and SMTP servers.
Alert level:
severe
Backdoor:Win32/Nirbot
Updated on Jan 23, 2008
Backdoor:Win32/Nirbot is a backdoor Trojan that targets certain versions of Microsoft Windows. The trojan connects to a specific IRC server to receive commands from attackers, which can include instructions to spread to other computers in various ways, such as through network shares, SQL servers, and the exploitation of particular vulnerabilities.
Alert level:
severe
Backdoor:Win32/Oderoor.gen!A
Updated on Feb 06, 2008
Backdoor:Win32/Oderoor.gen!A is a backdoor Trojan that allows an attacker access to the compromised computer. This Trojan may connect with remote Web sites and SMTP servers.
Alert level:
severe
Worm:Win32/Slenfbot.CG
Updated on Sep 11, 2008
Worm:Win32/Slenfbot.CG is a worm that can spread via MSN Messenger, and may spread via removable drives. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level:
severe
Worm:Win32/Slenfbot.CI
Updated on Sep 11, 2008
Worm:Win32/Slenfbot.CI is a worm that can spread via MSN Messenger, and may spread via removable drives. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level:
severe
Worm:Win32/Slenfbot.CR
Updated on Sep 11, 2008
Worm:Win32/Slenfbot.CR is a worm that can spread via MSN Messenger, and may spread via removable drives. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level:
severe
Worm:Win32/Slenfbot.CT
Updated on Sep 11, 2008
Worm:Win32/Slenfbot.CT is a worm that can spread via MSN Messenger, and may spread via removable drives. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level:
severe