Rogue ehshell.dll Virus.DOS.TempVir.

466 It is a harmless nonmemory resident

parasitic virus. It searches for COM files only in C:\TEMP\ directory, then writes
itself to the end of the file. The virus does not manifest itself in any way, it
contains the text string: C:\TEMP\*.COM
Spyware TrustedInstaller.exe Trojan-PSW.Win32.Gip.108 This Trojan
program is used to configure Trojans which are designed to steal user passwords.
The Trojan itself is a Windows PE EXE file. The file is 43,520 bytes in size. It
is written in C++.
Adware apphelp.dll Virus.DOS.Gle.848 It is a dangerous memory resident virus
that by standard way infects every started 10th EXE-file. It hooks INT 21h. On
December, 24th it displays the text: "Gleîileg jól" and stops any
file execution.
Malware attrib.exe Virus.DOS.Lct.599 This is a benign non memory-resident
parasitic virus. Upon being executed, it searches for all COM files of the current
directory, and writes itself to the end of the file. On December 25th, upon being
executed, the virus immediately returns to DOS. The virus contains the text
string: *.COM...
Spyware cfgbkend.dll Trojan-PSW.Win32.LdPinch.azw This Trojan is designed
to steal confidential information (user passwords). It is designed to steal a
range of confidential information. It is a Windows PE EXE file. It is 24,384
bytes in size. It is packed using MEW. The unpacked file is approximately 340KB in
size. It is written in Assembler.
Rogue compcln.exe Virus.DOS.Darkray_II.466 It is not a dangerous nonmemory
resident parasitic virus. It searches for .COM files, then writes itself to the
end of the file. The virus displays the messages: This file contains a virus!!!
Please COLD-boot from a write protected system disk and use you anti virus
software!!! Dit virus is ter...
Rogue dmstyle.dll Virus.DOS.TurboExe.846 These are very dangerous memory resident
parasitic viruses. They hook INT 21h and write themselves to the end of COM and
EXE files that are executed. While changing a current directory the viruses search
for the first EXE file, and infect it. When the TURBO.EXE file is executed the
viruses disable...
Malware drvstore.dll Virus.DOS.Bye.641 It is a dangerous memory resident
parasitic virus. It hooks INT 1Ch, 21h and writes itself to the end of COM files
that are executed. If during one hour there were no files infected, the virus
displays a message in Russian and reboots the computer. Me¡
c½¿ om ñ...
Trojan fdWCN.dll Trojan.Win32.LipGame.i This Trojan is a Windows PE EXE
file written in C++ and packed using UPX. The file is 23552 bytes in size, and the
unpacked file is 56832 bytes in size. The program is represented by a transparent
icon, and it is therefore difficult to see it in some file managers. This Trojan
is almost identical...
Dialer GuidedHelp.dll Exploit.HTML.Ascii.j This exploit uses a
vulnerability in Internet Explorer (CVE-2006-3227) to run on the victim machine.
It is an HTML page. It is 1046 bytes in size. It is not packed in any way.
Worm inetcomm.dll Worm.Win32.Nuf This worm infects computers running under
Windows. It spreads via poorly protected network resources. The worm itself is a
PE EXE file. It is written in Microsof Visual C++. The file is approximately 37KB
in size. It is not packed in any way. Installation Once launched, the worm
copies itself...
Worm kbd106.dll Worm.Win32.Nuf This worm infects computers running under
Windows. It spreads via poorly protected network resources. The worm itself is a
PE EXE file. It is written in Microsof Visual C++. The file is approximately 37KB
in size. It is not packed in any way. Installation Once launched, the worm
copies itself...
Trojan KBDINDEV.DLL Trojan.Win32.Diamin.jn This Trojan has a malicious
payload. It is a Windows PE EXE file. It is 29392 bytes in size. It is packed
using UPX. The unpacked file is approximately 52KB in size. It is written in
Delphi. Installation When launched, the Trojan copies its executable file to the
Windows directory as...
Malware KBDTH2.DLL Virus.DOS.Crasher.659 This is a very dangerous memory
resident parasitic virus. It hooks INT 21h and writes itself to the beginning of
COM files that are opened. The virus contains the string: (C) CRASHER X On
December 20th it erases C: drive sectors and displays the message: Dear users !
Hapy new year ! * / / /_ *...
Spyware Locator.exe Trojan-PSW.Win32.LdPinch.rn This Trojan belongs to a
family of Trojans written with the aim of stealing user passwords. LdPinch is
designed to steal confidential information. The Trojan itself is a Windows PE EXE
file approximately 17KB in size, packed using UPX. When installing, the Trojan
copies itself to the Windows system...
Spyware msieftp.dll Trojan-PSW.Win32.LdPinch.rn This Trojan belongs to a
family of Trojans written with the aim of stealing user passwords. LdPinch is
designed to steal confidential information. The Trojan itself is a Windows PE EXE
file approximately 17KB in size, packed using UPX. When installing, the Trojan
copies itself to the Windows system...
Malware msvideo.dll Virus.DOS.Lenin.943 It is not a dangerous nonmemory
resident parasitic virus. It searches for EXE files and writes itself to the end
of the file. While infecting it does not alter the EXE entry registers, but
inserts CALL FAR instruction into file entry point and alters EXE relocation
table. Depending on its...
Backdoor msyuv.dll Backdoor.Win32.Poison.h This Trojan provides a remote
malicious user with access to the victim machine. It is a Windows PE EXE file.
The file is 5,040 bytes in size. Installation When launched, the Trojan copies
its executable file to the Windows system directory: %System%\com.exe It also
creates the following...
Spyware newdev.dll Trojan-PSW.Win32.LdPinch.azw This Trojan is designed to
steal confidential information (user passwords). It is designed to steal a range
of confidential information. It is a Windows PE EXE file. It is 24,384 bytes in
size. It is packed using MEW. The unpacked file is approximately 340KB in size.
It is written in Assembler.
Dialer NlsLexicons081a.dll Exploit.PHP.Inject.f This exploit is
designed to steal confidential information from Web application databases. It is a
PHP file. It is 1,610 bytes in size. It is not packed in any way. It is written
in PHP.
Trojan oleacc.dll Trojan.BAT.MkDirs.z This primitive Trojan is written in
BAT and is 317 bytes in size. When launched, the virus deletes all the files from
the C:\windows\ directory. Creates directories named "1", "2", "3", "4" etc. up
to "18" in the current directory. While deleting files it displays the following
text: You are...
Backdoor PresentationHostProxy.dll Backdoor.Win32.Surila.k Surila is a Trojan
backdoor. The program is a Windows PE EXE file packed with Obsidium and written
in Visual C++. The packed file size is 244 KB and the unpacked size is
approximately 413 KB. Installation Upon being launched, Surila copies itself
into the Windows system folder under the name...
Malware RDPENCDD.dll Virus.DOS.SPE.CyberWarrior.5300.a It is a very
dangerous memory resident polymorphic and stealth parasitic virus. It hooks INT
21h and writes itself to the end of COM and EXE files that are executed, opened,
closed or accessed with Get/Set File Attribute DOS call. Depending on its counter
the virus erases the MBR of the hard drive...
Spyware runas.exe Trojan-PSW.Win32.Lmir.gen This family of Trojans steals
passwords to the online game Legend of Mir. As a rule, programs belonging to this
family are written in high-level programming languages such as Delphi, Visual C/C+
+, Visual Basic). File sizes vary, and the programs utilize a range of methods to
install themselves to...
Adware slcc.dll Virus.DOS.Dnepr.377 It is not a dangerous memory
resident parasitic virus. It copies itself into Interrupt Vectors Table, hooks INT
1Ch, 21h and writes itself to the end of COM files that are executed. Depending in
its internal counter the virus displays the message: DNEPR-CHAMPION
Malware SystemPropertiesAdvanced.exe Virus.DOS.Mini.60.a These are
extremely primitive non memory resident harmless viruses. They write themselves to
all .COM files of the current directory. The peculiarity of these viruses is their
small length. All infectors contain the string "*.COM" or "*.com". The length of
files getting infection by "Mini.127.b"...
Adware tcpipcfg.dll Virus.DOS.Accept.3619 This is a dangerous memory
resident parasitic encrypted virus. It hooks INT 21h and writes itself at the end
of COM and EXE files that are executed. If the file is already infected, the virus
searches for other executable files and hits them. The virus contains the internal
text string:...
Backdoor w32tm.exe Backdoor.win32.Small.cz This Trojan makes it possible for a
remote malicious user to control the victim machine. The program is a Windows PE
EXE file 2560 bytes in size.
Backdoor winrscmd.dll Backdoor.Win32.Vipdataend.ij This Trojan provides a
remote malicious user with access to the victim machine. This Trojan is a Windows
PE EXE file. It is 435712 bytes in size. Installation The backdoor copies its
executable file to the Windows system directory: %System%\PiaO.exe The Trojan
also extracts the following .dll...
Malware WMASF.DLL Virus.DOS.Segal.552 It is a harmless memory resident
parasitic virus. It hooks INT 21h and writes itself to the end of EXE files that
are executed. The virus does not manifest itself in any way. It contains the text:
-SEGAL(c)MM
Worm xmlfilter.dll Net-Worm.Win32.Lovesan.a Lovesan is an Internet Worm
which exploits the DCOM RPC vulnerability in Microsoft Windows described in MS
Security Bulletin MS03-026. Lovesan is written in C using the LCC compiler. The
worm is a Windows PE EXE file about 6KB (compressed via UPX - 11KB when
decompressed). Lovesan downloads and...