0 оценок0% нашли этот документ полезным (0 голосов)
246 просмотров4 страницы
Rogue inetcomm.dll Virus.DOS.Digger.1000 is a harmless memory-reside nt parasitic virus. It infects the COM a nd EXE files on their execution and inserts itself into their bodies. On execution it removes itself from the host file, then executes it. It hooks INT 21h and stays memory resident.
Rogue inetcomm.dll Virus.DOS.Digger.1000 is a harmless memory-reside nt parasitic virus. It infects the COM a nd EXE files on their execution and inserts itself into their bodies. On execution it removes itself from the host file, then executes it. It hooks INT 21h and stays memory resident.
Авторское право:
Attribution Non-Commercial (BY-NC)
Доступные форматы
Скачайте в формате TXT, PDF, TXT или читайте онлайн в Scribd
Rogue inetcomm.dll Virus.DOS.Digger.1000 is a harmless memory-reside nt parasitic virus. It infects the COM a nd EXE files on their execution and inserts itself into their bodies. On execution it removes itself from the host file, then executes it. It hooks INT 21h and stays memory resident.
Авторское право:
Attribution Non-Commercial (BY-NC)
Доступные форматы
Скачайте в формате TXT, PDF, TXT или читайте онлайн в Scribd
nt parasitic encrypted virus. On execution it removes itself from the host file, then executes it, hooks INT 21h and stays memory resident. It infects the COM a nd EXE files on their execution and inserts itself into their bodies. EXE files are converted to COM format... Spyware colbact.dll Trojan-PSW.Win32.Nilage.ha This Trojan belongs to a family of programs designed to steal system passwords. It steals confidential d ata about the victim machine, including passwords and information entered via th e keyboard. The Trojan itself is a Windows PE EXE file approximately 68KB in si ze, packed using ASPack. The... Adware mqdscli.dll Virus.DOS.Jeff.812 It is a very dangerous nonmemory resident parasitic virus. It searches for .COM files and writes itself to the e nd of the file. On July, 7th it displays: JEFF is visiting your harddisk... an d erases FAT of current disk. Adware wmadmod.dll Virus.DOS.CriminalWW.1788 These are very dangerous memory resident parasitic polymorphic viruses. They trace and hook INT 21h, the n they write themselves to the end of COM and EXE files that are executed or ope ned. Depending on their internal counters the viruses erase the MBR of the hard drive and then display the message:... Dialer msrating.dll Exploit.HTML.Ascii.j This exploit uses a vulnerabilit y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT ML page. It is 1046 bytes in size. It is not packed in any way. Backdoor srchctls.dll Backdoor.Win32.Nanspy.f This backdoor program is written in Delphi, and packed using UPX. The file is 211520 bytes in size. Ins tallation The backdoor copies itself to the system directory as spools.exe. It registers this file in the system registry to ensure that the program is launche d each time Windows is rebooted.... Rogue accwiz.exe Virus.DOS.Leo.3948 It is not a dangerous nonmemory resident quite silly parasitic virus. It searches for .COM files, then writes it self to the end of the file. On December 31st it displays the message: * * * · ···· &midd ot;· ·... Backdoor batmeter.dll Backdoor.Win32.Nanspy.f This backdoor program is written in Delphi, and packed using UPX. The file is 211520 bytes in size. Ins tallation The backdoor copies itself to the system directory as spools.exe. It registers this file in the system registry to ensure that the program is launche d each time Windows is rebooted.... Backdoor cards.dll Backdoor.WinCE.Brador.a Brador.a is a backdoor ( a utility allowing for remote administration of the infected machine) for Pocket PC based on Windows CE and newer version of Windows Mobile. It is written in ASM for ARM-processors and is 5632 bytes in size. After Brador is launched it c reates an svchost.exe file in the... Adware clusapi.dll Virus.DOS.Put.1939 It is not a dangerous nonmemory resident encrypted parasitic virus. It searches for .EXE files and writes itself to the end of the file. The beginning of virus the body contains the word "PUT" . Sometimes the virus displays the message:... Adware cryptnet.dll Virus.Boot.ABCD.a It''s a harmless boot virus. On loading from infected disk, it hooks INT 13h and writes itself into boot sectors of floppy disks. It infects the hard drive on loading from infected floppy. It uses the ID-word ABCDh. Backdoor dgsetup.dll Backdoor.Win32.Vipdataend.ij This Trojan prov ides a remote malicious user with access to the victim machine. This Trojan is a Windows PE EXE file. It is 435712 bytes in size. Installation The backdoor co pies its executable file to the Windows system directory: %System%\PiaO.exe The Trojan also extracts the following .dll... Trojan dpnhpast.dll Trojan.Win32.KillFiles.lm This Trojan has a malici ous payload. It is a Windows PE EXE file. The file is 368 128 bytes in size. & aacute;àéò. It is not packed in any way. It is written in Borland Delphi. Rogue drwtsn32.exe Virus.DOS.Darkray_II.466 It is not a dangerous no nmemory resident parasitic virus. It searches for .COM files, then writes itself to the end of the file. The virus displays the messages: This file contains a virus!!! Please COLD-boot from a write protected system disk and use you anti vi rus software!!! Dit virus is ter... Trojan eventlog.dll Trojan.Win32.KillFiles.lm This Trojan has a malici ous payload. It is a Windows PE EXE file. The file is 368 128 bytes in size. & aacute;àéò. It is not packed in any way. It is written in Borland Delphi. Adware fontsub.dll Virus.DOS.Am.743 This is a harmless memory-reside nt parasitic virus. It hooks INT 21h and writes itself at the end of COM files t hat are executed. It contains the text "am", the same value is returned (in ASCI I) by the virus when it checks the previously loaded TSR copy. On calling the G etDate DOS function the... Dialer ialmrnt5.dll Exploit.HTML.Ascii.f This exploit uses a vulnerabilit y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT ML page. It is 1614 bytes in size. It is not packed in any way. Backdoor ieapfltr.dll Backdoor.Win32.Jix.a This Trojan has a built- in remote administration tool. The program itself is a Windows PE EXE file appr oximately 15KB in size, packed using UPX. The unpacked file is approximately 25 KB in size. Once launched, the Trojan copies itself to the Windows system direc tory under one of the following... Adware iphlpapi.dll Virus.DOS.Squatter.9742 This is a dangerous memory resid ent parasitic highly polymorphic and stealth virus. It hooks INT 21h and writes itself to the end of COM and EXE files that are accessed. Depending on their cou nters the virus also infects the "C:\DOS\KEYB.COM" file, if it exists. The virus does not infect the... Dialer ir41_qc.dll Exploit.HTML.Ascii.j This exploit uses a vulnerabilit y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT ML page. It is 1046 bytes in size. It is not packed in any way. Spyware kbdinmal.dll Trojan-PSW.Win32.LdPinch.ur This Trojan is designed to steal user passwords. It is a Windows PE EXE file. The size of the infecte d file may vary between 21KB to 86KB. It is packed using FSG. Malware kbdtat.dll Virus.DOS.PM.733 It is a harmless memory resident stealth parasitic virus. It hooks INT 21h and writes itself to the end of .COM files that are executed or closed. When an infected file is opened, the virus di sinfects it. The virus contains the ID-strings: PM Trojan logagent.exe Trojan.Win32.KillAV.gj This Trojan is a Windows PE EXE file 61440 bytes in size. Once launched, the Trojan causes the following messa ge to be displayed: It then creates a file called Update.bat in the C: root d irectory: C:\Update.bat The Trojan terminates any processes it finds with the names listed below:... Spyware mciole32.dll Trojan-PSW.Win32.LdPinch.abm This Trojan program is d esigned to steal confidential user data. It harvests user names and passwords to a range of services and programs, and incorporates an SMTP server. The Trojan is a Windows PE EXE file, written in C++, and is 58410 bytes in size. Once lau nched, the Trojan copies itself to... Trojan MP4SDMOD.dll Trojan.Win32.Small.eu This Trojan is a Windows PE EXe file 3584 bytes in size. Once launched, the Trojan registers this file in the s ystem registry, ensuring that it will be launched each time Windows is rebooted on the victim machine: [HKCU\Software\Microsoft\Windows\CurrentVersion\Runonce] "MSSetup"="<path to... Rogue mqtrig.dll Virus.DOS.Exorcist.212 It is a very dangerous nonmemory resident overwriting virus. It searches for COM files, then overwrites them, an d displays the message: Bad command or file name then returns to DOS. On 1st o f any month the virus erases sectors on the C: drive. The virus also contains th e text strings: [RED... Trojan msidle.dll Trojan.BAT.MkDirs.z This primitive Trojan is written in BAT and is 317 bytes in size. When launched, the virus deletes all the file s from the C:\windows\ directory. Creates directories named "1", "2", "3", "4" etc. up to "18" in the current directory. While deleting files it displays the following text: You are... Adware msrd2x40.dll Virus.DOS.Am.743 This is a harmless memory-reside nt parasitic virus. It hooks INT 21h and writes itself at the end of COM files t hat are executed. It contains the text "am", the same value is returned (in ASCI I) by the virus when it checks the previously loaded TSR copy. On calling the G etDate DOS function the... Trojan mycomput.dll Trojan.Win32.KillAV.gj This Trojan is a Windows PE EXE file 61440 bytes in size. Once launched, the Trojan causes the following messa ge to be displayed: It then creates a file called Update.bat in the C: root d irectory: C:\Update.bat The Trojan terminates any processes it finds with the names listed below:... Backdoor netcfgx.dll Backdoor.Win32.Nanspy.f This backdoor program is written in Delphi, and packed using UPX. The file is 211520 bytes in size. Ins tallation The backdoor copies itself to the system directory as spools.exe. It registers this file in the system registry to ensure that the program is launche d each time Windows is rebooted.... Worm ntkrnlpa.exe Worm.SunOS.Sadmind Text written by Costin Raiu, Kas persky Labs, Romania This is an Internet-worm that replicates between Sun Sparc computers running the Solaris/SunOS operating system, and attacks Microsoft IIS v4 and 5 Web servers. Cracked Micrsoft IIS servers will have their start page r eplaced with one that... Dialer odtext32.dll Exploit.HTML.Ascii.ae This exploit uses a vulnerabilit y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT ML page. It is 3616 bytes in size. It is not packed in any way. Malware perfts.dll Virus.DOS.TaiPan.Chroot.727 This is a harmless memor y-resident parasitic virus. It hooks INT 21h and writes itself to the end of EXE files that are executed. This virus infects files that are executed, opened or accessed by Get/Set File Attributes DOS call. It deletes the F-PROT anti-virus and does not infect the file... Worm qappsrv.exe Worm.Win32.Fujack.a This worm spreads on the hard di sk of the victim machine and to write-accessible network resources. It is a Win dows PE EXE file. Modifications of this program may vary in size from 26KB to 1 29KB. The program may be packed with a range of packers. Installation When laun ched, the worm copies its... Rogue rasdial.exe Virus.DOS.Spartak_II.2000 It is not a dangerous no nmemory resident polymorphic companion virus. It searches for .COM and .EXE file s, then renames .COM files to .CCC and .EXE files to .EEE, then writes itself in stead of host file. After infection the virus creates in the current directory t he SPARTAK.BAT file and writes to... Trojan replace.exe Trojan.Win32.KillWin.bl This Trojan program deletes the Windows NT system file. The Trojan itself is a Windows PE EXE file, 296407 byte s in size. Worm scrnsave.scr Net-Worm.Win32.Witty This fileless worm, also known a s BlackIce and Blackworm, infects computers which use the following vulnerable I SS products: RealSecure Network 7.0, XPU 22.11 and before RealSecure Server Se nsor 7.0 XPU 22.11 and before RealSecure Server Sensor 6.5 for Windows SR 3.10 and before Proventia A... Trojan sethc.exe Trojan.VBS.KillOS.a This Trojan has a malicious payl oad. It is 343 bytes in size, and written in Visual Basic Script. Worm sprio800.dll Worm.Win32.Fujack.a This worm spreads on the hard di sk of the victim machine and to write-accessible network resources. It is a Win dows PE EXE file. Modifications of this program may vary in size from 26KB to 1 29KB. The program may be packed with a range of packers. Installation When laun ched, the worm copies its... Dialer sysedit.exe Exploit.HTML.Ascii.j This exploit uses a vulnerabilit y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT ML page. It is 1046 bytes in size. It is not packed in any way. Trojan tracerpt.exe Trojan.Win32.LipGame.i This Trojan is a Windows PE EXE file written in C++ and packed using UPX. The file is 23552 bytes in size, and t he unpacked file is 56832 bytes in size. The program is represented by a transp arent icon, and it is therefore difficult to see it in some file managers. This Trojan is almost identical... Dialer upnp.dll HackTool.Perl.IrBot.d This malicious program is a hack ing utility. It is a Perl script. The size of infected files may vary from 12K B to 69KB. Worm vwipxspx.exe Worm.Win32.AutoRun.bnb This worm propagates by creating copies of itself on local disks and write-accessible network resources. It is a Windows PE EXE file. It is 46592 bytes in size. It is packed using UPX. The u npacked file is approximately 107MB in size. Installation The worm copies its e xecutable file to the... Backdoor winscard.dll Backdoor.Win32.Jix.a This Trojan has a built- in remote administration tool. The program itself is a Windows PE EXE file appr oximately 15KB in size, packed using UPX. The unpacked file is approximately 25 KB in size. Once launched, the Trojan copies itself to the Windows system direc tory under one of the following... Malware wmpasf.dll Virus.DOS.Croatia_II.560 It is a very dangerous m emory resident parasitic virus. It hooks INT 21h and writes itself to the end of COM files that are executed. The virus deletes the CHKLIST.MS file, if it exist s. On February 12th it erases the hard drive sectors and displays the message: Croatia must be free ! (c) 1995 by... Malware wpdconns.dll Virus.DOS.PM.733 It is a harmless memory resident stealth parasitic virus. It hooks INT 21h and writes itself to the end of .COM files that are executed or closed. When an infected file is opened, the virus di sinfects it. The virus contains the ID-strings: PM Worm xmlprov.dll Net-Worm.Win32.Mytob.a This network worm infects comput ers running Windows. It is a Windows PE EXE file approximately 43KB in size, pac ked using FSG. The unpacked file is approximately 143KB in size. The worm sprea ds via a vulnerability in the Windows LSASS service. You can find information ab out the vulnerability...