953 entries found.
Displaying page 7
of 48.
Win32/Ryknos
Updated on Nov 15, 2005
Windows Defender Antivirus detects and removes this threat.
Win32/Ryknos is a family of backdoor Trojans that targets computers running certain versions of Microsoft Windows. The trojan opens a backdoor on the infected computer to receive commands from attackers. If the rootkit WinNT/F4IRootkit is already installed on the target computer, the Trojan uses the rootkit to hide.
Alert level:
severe
Win32/Eyeveg
Updated on Jan 25, 2006
Windows Defender Antivirus detects and removes this threat.
Win32/Eyeveg is a worm that spreads by replicating itself in infected e-mails or into network shares. It collects data from the infected computer and can be used as a backdoor.
Alert level:
high
Win32/Torvil
Updated on Feb 23, 2006
Windows Defender Antivirus detects and removes this threat.
Win32/Torvil is a family of worms that spread via email, via Peer-To-Peer (P2P) file-sharing software, and via other potential vectors.
Alert level:
high
Win32/Reatle
Updated on Mar 16, 2006
Windows Defender Antivirus detects and removes this threat.
This family of mass-mailing worm target certain versions of Microsoft Windows.
The worm sends itself as an attachment to email addresses that it finds in files on the infected computer. The worm is activated when a user opens the attachment.
Alert level:
high
Win32/Evaman
Updated on Apr 19, 2006
Windows Defender Antivirus detects and removes this threat.
Win32/Evaman is a mass-mailing worm that targets Microsoft Windows.
The worm spreads by sending itself as an email attachment to email addresses that it finds using Yahoo! People Search or on the infected computer. The worm infects the computer when the user opens the email attachment. The worm may try to disable certain security-related software on the infected computer. Some Win32/Evaman variants may cause the user to be logged off immediately after logon.
Alert level:
high
Win32/Plexus
Updated on May 05, 2006
Windows Defender Antivirus detects and removes this threat.
Win32/Plexus is a mass-mailing email worm that targets Microsoft Windows. The worm also spreads through Kazaa peer-to-peer network shares and to computers that have not been patched for the Windows vulnerabilities described in Microsoft Security Bulletins MS03-039 and MS04-011. Win32/Plexus opens a backdoor which allows attackers to run arbitrary code on the infected computer.
Alert level:
high
Win32/Fizzer
Updated on Jun 06, 2006
Windows Defender Antivirus detects and removes this threat.
Win32/Fizzer is a mass-mailing worm. Various aspects of its behavior are configurable by an attacker. The worm sends a copy of itself as an email attachment to addresses that it finds on the infected computer. The worm may also spread through peer-to-peer file sharing.
Win32/Fizzer may perform numerous malicious actions on the infected computer, such as terminating antivirus processes, logging keystrokes, exchanging data through various ports, opening a proxy server, and opening an HTTP server or connecting to an IRC server to provide backdoor access.
Alert level:
high
Win32/Alemod
Updated on Jun 30, 2006
Windows Defender Antivirus detects and removes this threat.
Win32/Alemod is a family of data-stealing trojans. An installation of Win32/Alemod includes a trojan dropper and three files that the dropper installs: a dynamic-link library (DLL), a program that displays a Web-shortcut icon in the taskbar notification area, and a partial-uninstaller program. The trojan dropper infects the Windows system file wininet.dll in order to capture data from outgoing user web traffic. Win32/Alemod transmits the captured user data to other websites and places a hypertext link and other shortcuts to potentially malicious websites on the user desktop. Microsoft detects the infected wininet.dll file as Win32/Nsag.
Alert level:
high
Win32/Banker
Updated on Jul 20, 2006
Windows Defender detects and removes this threat.
This family of data-stealing trojans can capture your online banking details, such as your login credentials and account numbers. They can then send this information to a malicious hacker.
They can be installed on your PC when you open an email attachment that looks like a greeting card.
Most variants target Brazilian bank customers.
Alert level:
high
Win32/Bancos
Updated on Aug 23, 2006
Microsoft security software detects and removes this family of threats.
This family of data-stealing trojans can steal your online banking login details, such as your user names and passwords. They then send the stolen information to a malicious hacker.
They mostly target Brazilian bank customers.
Alert level:
severe
Win32/Harnig
Updated on Oct 02, 2006
Win32/Harnig is a family of Trojan downloaders capable of downloading and running malicious software. Win32/Harnig may stop, delete, or circumvent processes or services associated with firewall, antivirus, or other security software, thus potentially lowering the security settings on affected computers.
Alert level:
high
Win32/Beenut
Updated on Nov 27, 2006
Windows Defender Antivirus detects and removes this threat.
Win32/Beenut is a family of trojan downloaders that download files from various URLs to the host computer and then run the downloaded files. A Win32/Beenut trojan may also copy itself to the host computer, modifying the registry so the copy of itself runs each time Windows starts.
Alert level:
high
Win32/Funner
Updated on Mar 20, 2007
Win32/Funner is an instant messaging worm that spreads through MSN Messenger, MSN Communicator, and QQ. The worm overwrites the HOSTS file to redirect certain outbound Internet traffic from the infected computer to an attacker’s server, which could enable phishing and man-in-the-middle attacks. These attacks may include theft of credentials such as user names, passwords, and credit card data, as well as injection of malicious code into Internet traffic that is bound for the user's computer.
Alert level:
high
Win32/Allaple
Updated on Jun 06, 2007
Win32/Allaple is a multi-threaded, polymorphic network worm capable of spreading to other computers connected to a local area network (LAN) and performing denial-of-service (DoS) attacks against targeted remote Web sites.
Alert level:
high
Win32/Tclock
Updated on Feb 28, 2008
Program:Win32/Tclock is a Windows taskbar clock utility. When running, it may communicate with time servers, or provide alarm functionality.
Alert level:
severe
Win32/Newacc
Updated on Mar 11, 2008
Windows Defender Antivirus detects and removes this threat.
Win32/Newacc is detection for an attacker tool that automatically registers new e-mail accounts on Hotmail, AOL, Gmail, Lycos and other account service providers. To achieve this, the tool communicates with a Web Service in order to bypass CAPTCHA protection. CAPTCHA is an acronym for Completely Automated Public Turing test to tell Computers and Humans Apart.
Alert level:
high
Win32/Lolyda
Updated on May 30, 2008
Win32/Lolyda is a family of trojans that sends account information from popular online games to a remote server. They may also download and execute arbitrary files.
Alert level:
severe
Win32/Taterf
Updated on Jun 02, 2008
Win32/Taterf is a family of worms that spread via mapped drives in order to steal login and account details for popular online games.
Alert level:
high
Win32/Ceekat
Updated on Jun 05, 2008
Win32/Ceekat is a collection of trojans that steal information such as passwords for online games. Generally they can do this by reading information directly from running processes in memory. The processes each Ceekat variant targets are very specific, and may include any number of applications, not necessarily limited to online games.
Alert level:
severe