Vous êtes sur la page 1sur 3

Adware ehRecObj.dll Virus.DOS.Put.

1939 It is not a dangerous nonmemory


resident encrypted parasitic virus. It searches for .EXE files and writes itself
to the end of the file. The beginning of virus the body contains the word "PUT"
. Sometimes the virus displays the message:...
Worm ehuihlp.dll Net-Worm.Perl.Santy.a This worm uses a vulnerability i
n phpBB, which is used to create forums and web sites, to spread via the Interne
t. phpBB versions lower than 2.0.11 are vulnerable. The worm is written in Perl
, and is 4966 bytes in size. Propagation The worm creates a specially formulat
ed Google search request....
Adware atmfd.dll Virus.DOS.Later.959 This is a harmless memory reside
nt parasitic virus. It hooks INT 21h and writes itself to the beginning of COM a
nd to the end of EXE files that are executed or opened. While installing into th
e memory, before return to the host program this virus disinfects the host file.
If an installed DOS have...
Adware AuxiliaryDisplayApi.dll Virus.DOS.Dnepr.377 It is not a dangerous me
mory resident parasitic virus. It copies itself into Interrupt Vectors Table, ho
oks INT 1Ch, 21h and writes itself to the end of COM files that are executed. De
pending in its internal counter the virus displays the message: DNEPR-CHAMPION
Rogue cacls.exe Virus.DOS.Darkray_II.466 It is not a dangerous no
nmemory resident parasitic virus. It searches for .COM files, then writes itself
to the end of the file. The virus displays the messages: This file contains a
virus!!! Please COLD-boot from a write protected system disk and use you anti vi
rus software!!! Dit virus is ter...
Rogue control.exe Virus.DOS.Exorcist.212 It is a very dangerous nonmemory
resident overwriting virus. It searches for COM files, then overwrites them, an
d displays the message: Bad command or file name then returns to DOS. On 1st o
f any month the virus erases sectors on the C: drive. The virus also contains th
e text strings: [RED...
Spyware dialer.exe Trojan-PSW.Win32.Lmir.gen This family of Trojans s
teals passwords to the online game Legend of Mir. As a rule, programs belonging
to this family are written in high-level programming languages such as Delphi,
Visual C/C++, Visual Basic). File sizes vary, and the programs utilize a range o
f methods to install themselves to...
Dialer dot3svc.dll Exploit.IIS.Beavuh Beavuh is a malware exploit of t
he so-called MS IIS ".printer" vulnerability, which is described by Microsoft in
the "Security Bulletin MS01-23",released May 1, 2001. The MS01-23 Security Bu
lletin can be viewed at the following location:...
Adware eapsvc.dll Virus.DOS.Jeff.812 It is a very dangerous nonmemory
resident parasitic virus. It searches for .COM files and writes itself to the e
nd of the file. On July, 7th it displays: JEFF is visiting your harddisk... an
d erases FAT of current disk.
Trojan fontext.dll Trojan.Win32.Small.eu This Trojan is a Windows PE EXe
file 3584 bytes in size. Once launched, the Trojan registers this file in the s
ystem registry, ensuring that it will be launched each time Windows is rebooted
on the victim machine: [HKCU\Software\Microsoft\Windows\CurrentVersion\Runonce]
"MSSetup"="<path to...
Spyware hbaapi.dll Trojan-PSW.Win32.Nilage.ha This Trojan belongs to a
family of programs designed to steal system passwords. It steals confidential d
ata about the victim machine, including passwords and information entered via th
e keyboard. The Trojan itself is a Windows PE EXE file approximately 68KB in si
ze, packed using ASPack. The...
Dialer ieakeng.dll Exploit.HTML.Ascii.p This exploit uses a vulnerabilit
y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT
ML page. It is 1872 bytes in size. It is not packed in any way.
Spyware iscsium.dll Trojan-PSW.Win32.LdPinch.azw This Trojan is designed
to steal confidential information (user passwords). It is designed to steal a r
ange of confidential information. It is a Windows PE EXE file. It is 24,384 by
tes in size. It is packed using MEW. The unpacked file is approximately 340KB in
size. It is written in Assembler.
Malware KBDGR.DLL Virus.DOS.SPE.CyberWarrior.5300.a It is a very dan
gerous memory resident polymorphic and stealth parasitic virus. It hooks INT 21h
and writes itself to the end of COM and EXE files that are executed, opened, cl
osed or accessed with Get/Set File Attribute DOS call. Depending on its counter
the virus erases the MBR of the hard drive...
Rogue KBDMON.DLL Virus.DOS.Zerobug.1536.a It is a memory resident
not dangerous virus which inserts itself into COM-files beginning at their creat
ing: the infector hooks INT 21h, f.3Ch, creates the file, writes its body into t
his file and returns the control back to the program that called this function.
And then that program appends the...
Trojan KBDUGHR.DLL Trojan.BAT.Adduser.t This Trojan has a malicious payl
oad. It is a BAT file. It is 1129 bytes in size.
Backdoor Mcx2Svc.dll Backdoor.Win32.Nanspy.f This backdoor program is
written in Delphi, and packed using UPX. The file is 211520 bytes in size. Ins
tallation The backdoor copies itself to the system directory as spools.exe. It
registers this file in the system registry to ensure that the program is launche
d each time Windows is rebooted....
Dialer modemui.dll Exploit.HTML.Ascii.e This exploit uses a vulnerabilit
y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT
ML page. It is 1315 bytes in size. It is not packed in any way.
Rogue msisip.dll Virus.DOS.Holms.6161 It is not a dangerous memory res
ident parasitic polymorphic virus. It hooks INT 8, 1Ch, 21h, 28h and writes itse
lf to the end of COM and EXE files (except COMMAND.COM) that are executed or ope
ned. On INT 8 and INT 28h calls depending on its counters and system conditions,
the virus searches for the...
Spyware mswsock.dll Trojan-PSW.Win32.Fantast.30 This Trojan tracks the u
ser's keystrokes. It is a Windows PE EXE file. The file is approximately 40KB
in size. It is not packed in any way. Installation Once launched, the Trojan
copies itself to the Windows system and root directories under the following na
mes:...
Dialer mydocs.dll Exploit.HTML.Ascii.j This exploit uses a vulnerabilit
y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT
ML page. It is 1046 bytes in size. It is not packed in any way.
Rogue NlsData0013.dll Virus.DOS.Digger.1000 This is a harmless memory-reside
nt parasitic encrypted virus. On execution it removes itself from the host file,
then executes it, hooks INT 21h and stays memory resident. It infects the COM a
nd EXE files on their execution and inserts itself into their bodies. EXE files
are converted to COM format...
Malware NlsLexicons0001.dll Virus.DOS.SPE.CyberWarrior.5300.a It is a
very dangerous memory resident polymorphic and stealth parasitic virus. It hooks
INT 21h and writes itself to the end of COM and EXE files that are executed, op
ened, closed or accessed with Get/Set File Attribute DOS call. Depending on its
counter the virus erases the MBR of the hard drive...
Backdoor ntprint.exe Backdoor.Win32.Jix.a This Trojan has a built-
in remote administration tool. The program itself is a Windows PE EXE file appr
oximately 15KB in size, packed using UPX. The unpacked file is approximately 25
KB in size. Once launched, the Trojan copies itself to the Windows system direc
tory under one of the following...
Trojan peninst.dll Trojan.JS.ExitW.a This Trojan is a JavaScript scen
ario. It can be found on web pages. The file is 706 bytes in size.
Spyware PnPutil.exe Trojan-PSW.Win32.Nilage.ha This Trojan belongs to a
family of programs designed to steal system passwords. It steals confidential d
ata about the victim machine, including passwords and information entered via th
e keyboard. The Trojan itself is a Windows PE EXE file approximately 68KB in si
ze, packed using ASPack. The...
Adware rdpdd.dll Virus.DOS.Fire.2682 It's a harmless memory resident
encrypted parasitic stealth virus. It hooks INT 21h and writes itself to the end
of COM- and EXE-files that are executed. It contains the internal text strings:
Fire walk with me.
Malware sdclt.exe Virus.DOS.Mini.60.a These are extremely primitive no
n memory resident harmless viruses. They write themselves to all .COM files of t
he current directory. The peculiarity of these viruses is their small length. Al
l infectors contain the string "*.COM" or "*.com". The length of files getting
infection by "Mini.127.b"...
Backdoor share.exe Backdoor.Win32.Delf.duc This malicious program i
s a Trojan. It is a Windows PE EXE file. It is 447488 bytes in size.
Spyware spwizres.dll Trojan-PSW.Win32.Coced.215 This Trojan steals user
passwords. It is designed to steal a range of confidential information. It is a
Windows PE EXE file. It is 10,240 bytes in size. It is written in Visual C++.
Installation Once launched, the Trojan copies its executable file to the Windows
system directory:...
Worm TabbtnEx.dll Net-Worm.Win32.Lovesan.a Lovesan is an Internet W
orm which exploits the DCOM RPC vulnerability in Microsoft Windows described in
MS Security Bulletin MS03-026. Lovesan is written in C using the LCC compiler.
The worm is a Windows PE EXE file about 6KB (compressed via UPX - 11KB when dec
ompressed). Lovesan downloads and...
Adware themeui.dll Virus.DOS.Squatter.9742 This is a dangerous memory resid
ent parasitic highly polymorphic and stealth virus. It hooks INT 21h and writes
itself to the end of COM and EXE files that are accessed. Depending on their cou
nters the virus also infects the "C:\DOS\KEYB.COM" file, if it exists. The virus
does not infect the...
Malware unimdmat.dll Virus.DOS.Shifter.983 This virus infects .OBJ files pr
epared to be compiled to COM files. The virus inserts itself into OBJ files so,
that after linking to COM executable file the result contains the virus at the b
eginning of the file. When that file is executed, the virus receives the control
, hooks INT 21h and...
Trojan WindowsAnytimeUpgradeCPL.dll Trojan.MSWord.Thief This Trojan uses
remote template vulnerability of MS Word 97. The URL is sent to some IRC channe
ls that contain a HTML file that automatically loads and opens an MS Word docume
nt that contains reference to another MS Word template-containing Trojan macro.
MS Word opens this template without any...
Adware winsta.dll Virus.DOS.Zzz.1379 It is a dangerous nonmemory resi
dent parasitic virus. It searches for .COM files in the directories C:\WINDOWS\C
OMMAND, C:\DN, \CLIENT\WIN95\, then writes itself to the beginning of the file.
While infecting the virus creates temporary file ZZZ.TMP. On 20th and 27th of an
y month the virus deletes...
Malware wpdwcn.dll Virus.DOS.Acapulco.1971 It's a not dangerous memory resi
dent parasitic virus. It hooks INT 21h and writes itself at the end of COM- and
EXE-files are executed. Sometimes it hooks INT 08h (timer) and plays several tun
es.
Adware wuapi.dll Virus.Linux.Gildo It is not a dangerous, memory re
sident parasitic virus. It was written in the assembler language. It uses system
calls (syscall) while working with files. The virus infects ELF files. It writ
es itself to the middle of the file. After starts the virus divides a main pro
cess and continues its work....

Vous aimerez peut-être aussi