Trojan:Win32/Agent.B is a Trojan that redirects Web traffic and manipulates certain Windows applications. Trojan:Win32/Agent.B may install other unwanted software, or may be bundled with other unwanted software.

Trojan:Win32/Tibs.DV is a Trojan that allows unauthorized access to an infected computer. The Trojan receives commands indirectly from a remote attacker via its connection to a malicious peer-to-peer network. This Trojan also contains advanced stealth functionality that allows it to hide particular files, folders and processes.

Win32/Nsag.B is a data-stealing Trojan. The Trojan is created when certain code is injected into wininet.dll, which is a Windows system file. When a user tries to send data to a Web site, code in Win32/Nsag.B may cause code in another malicious DLL on the computer to capture the user data and send it to an attacker.

Win32/Valla.2048 is a virus that appends itself to executable files on an infected computer.

Trojan:Win32/Yidvar.A is a backdoor that receives commands from a remote Web server and may log keystrokes on an infected computer.

HTML/Emerleox is detection for files modified by Worm:Win32/Emerleox.gen, a network worm that attempts to copy itself to writable network shares by exploiting weak password/username combinations. When Worm:Win32/Emerleox.gen is run, it attempts to disable certain antivirus and firewall products by disabling registry entries and killing processes associated with those programs.

Win32/Busky is a family of Trojans that monitor and redirect Internet traffic, gather system information and download unwanted software such as Win32/Renos and Win32/SpySheriff. Win32/Busky may be installed by a Web browser exploit or other vulnerability when visiting a malicious Web site.

Trojan:Win32/Perfcoo.A is a small Trojan downloader. Trojan:Win32/Perfcoo.A may contact a remote Web site and execute a server-side script. This Trojan may be installed or downloaded by other pre-existing Trojans or unwanted software on the infected computer.

Trojan:Win32/Wopla.gen!Y is a generic detection for a family of Trojans that act as proxies, allowing an attacker to send spam e-mail, some with binary attachments. Trojan:Win32/Wopla.gen!Y may also download, upload and execute files on the affected machine.

Trojan:Win32/Anomaly.gen has been renamed to Trojan:Win32/C2Lop.C

 

Trojan:Win32/C2Lop.C is a Trojan that adds Web browser bookmarks, downloads files from remote Web sites, and delivers pop-up and contextual advertisements. Trojan:Win32/C2Lop.C is installed by SoftwareBundler:Win32/MessengerPlus.b!installer.

Trojan:WinNT/Bagle.gen is generic detection for variants of WinNT/Bagle, a component of the greater Win32/Bagle multi-component family of malware. WinNT/Bagle provides advanced stealth functionality and anti-removal measures for this family.

Trojan:Java/Classloader.F is a malicious Java applet that can infect Microsoft Windows computers that are not patched with Microsoft Security Update MS03-011. An attacker can insert the Java applet into HTML code and host the code on a Web server or send the code in e-mail. When a user opens the Web page or e-mail, the vulnerability allows the applet to bypass a security check on the computer. The applet can then run malicious code on the computer and open a backdoor to receive commands from attackers.

Trojan:Win32/Starter creates an unauthorized user account on the system and adds that account to the administrator group as a “Remote Service Account".

 

On July 16, 2007, Microsoft identified a misclassification in the Trojan:Win32/Starter signature which could result in erroneous detections of this Trojan in certain PE files created by Quick Batch File Compiler. To address this issue, impacted customers should update to signature files with version number 2740.6 or above.

Trojan:Win32/Agent.ABA is a Trojan that may download additional malware and may also provide backdoor/proxy functionality.

Trojan:Win32/Conhook is a family of Trojans that installs themselves as Browser Helper Objects (BHOs), and connects to the Internet without user consent. They also terminate specific security services, and download additional malware to the computer.

Win32/Nsag.A is a data-stealing Trojan. The Trojan is created when certain code is injected into wininet.dll, which is a Windows system file. When a user tries to send data to a Web site, code in Win32/Nsag.A may cause code in another malicious DLL on the computer to capture the user data and send it to an attacker.

Trojan:Win32/StartPage.PV is a Trojan that targets certain versions of Microsoft Windows. The Trojan changes the behavior of Internet Explorer in various ways. When the user attempts to access a Web site, the Trojan can block access to the site and display a warning that the computer is infected with spyware and adware.

Trojan:Win32/Starcedor.A is a Trojan that monitors an affected user's network traffic and intercepts search requests to Google.

Trojan:MacOS/RSPlug.A is a Trojan for Mac OS X that modifies existing DNS settings. This Trojan may pose as a Mac codec in the form of a disk image file.

Trojan:SH/RSPlug.A is an installed component of Trojan:MacOS/RSPlug.A, a Trojan for Mac OS X that modifies existing DNS settings. This Trojan may pose as a Mac codec in the form of a disk image file.