Adware schannel.dll Virus.DOS.Am.

743 This is a harmless memory-reside

nt parasitic virus. It hooks INT 21h and writes itself at the end of COM files t
hat are executed. It contains the text "am", the same value is returned (in ASCI
I) by the virus when it checks the previously loaded TSR copy. On calling the G
etDate DOS function the...
Adware wmvcore.dll Virus.DOS.Am.743 This is a harmless memory-reside
nt parasitic virus. It hooks INT 21h and writes itself at the end of COM files t
hat are executed. It contains the text "am", the same value is returned (in ASCI
I) by the virus when it checks the previously loaded TSR copy. On calling the G
etDate DOS function the...
Trojan iernonce.dll Trojan.JS.ExitW.a This Trojan is a JavaScript scen
ario. It can be found on web pages. The file is 706 bytes in size.
Rogue 47.exe Virus.DOS.Darkray_II.466 It is not a dangerous nonmemory
resident parasitic virus. It searches for .COM files, then writes itself to the
end of the file. The virus displays the messages: This file contains a virus!!!
Please COLD-boot from a write protected system disk and use you anti virus soft
ware!!! Dit virus is ter...
Backdoor ansi.sys Backdoor.Perl.AEI.16 This Trojan program is d
esigned to provide remote management of systems running UNIX-type operating syst
ems. It is a Perl scenario. It is approximately 12KB in size.
Trojan chkdsk.exe Trojan.Win32.KillWin.bl This Trojan program deletes the
Windows NT system file. The Trojan itself is a Windows PE EXE file, 296407 byte
s in size.
Backdoor d3dx10.dll Backdoor.Win32.BO.a This Trojan (also known
as Back Orifice Trojan) is a network-administration utility that allows for the
controlling of computers on the network. "'Back Orifice' is a remote administrat
ion system, which allows a user to control a computer across a tcpip connection
using a simple console or gui...
Spyware defrag.exe Trojan-PSW.Win32.OnLineGames.lfi This malicious p
rogram is a Trojan. It is a Windows PE EXE file. It is 123873 bytes in size. I
nstallation The Trojan copies its executable file to the Windows system director
y: %System%\amvo.exe In order to ensure that the Trojan is launched automatical
ly each time the system is restarted, the...
Worm dskquoui.dll Net-Worm.Win32.Zorin.a This worm infects computers runn
ing Windows, and spreads via open network resources. Once installed, the worm in
fects .exe files on the victim computer. The worm itself is a Windows PE EXE fi
le, and is approximately 82KB in size. Installation Once launched, the worm co
pies itself to the Windows...
Trojan dx8vb.dll Trojan-SMS.SymbOS.Viver.a This Trojan program is d
esigned to run on smartphones running Symbian. The Trojan is a SIS installation
archive. The Trojan has no self replication routine. Trojan-SMS.SymbOS.Viver.
a actually covers two variants of this malicious program. The first is an archiv
e called RulesViver.sis. It is 42,...
Worm fltlib.dll Net-Worm.Win32.Mytob.a This network worm infects comput
ers running Windows. It is a Windows PE EXE file approximately 43KB in size, pac
ked using FSG. The unpacked file is approximately 143KB in size. The worm sprea
ds via a vulnerability in the Windows LSASS service. You can find information ab
out the vulnerability...
Malware ieaksie.dll Virus.DOS.Shifter.983 This virus infects .OBJ files pr
epared to be compiled to COM files. The virus inserts itself into OBJ files so,
that after linking to COM executable file the result contains the virus at the b
eginning of the file. When that file is executed, the virus receives the control
, hooks INT 21h and...
Rogue isrdbg32.dll Virus.DOS.Lame.98 These viruses search for .COM fi
les of current directory and infect them. "Lame.98,173" are overwriting viruses.
Other viruses are parasitic ones, they write themselves to the end of the file.
These viruses contain the text strings: "Lame.98": Devastator/PHOBIA Lame vir
us #1 "Lame.173":...
Backdoor kbdkaz.dll Backdoor.Perl.AEI.16 This Trojan program is d
esigned to provide remote management of systems running UNIX-type operating syst
ems. It is a Perl scenario. It is approximately 12KB in size.
Adware localsec.dll Virus.DOS.Cheeba.1683 This is a memory resident harmle
ss virus which infects COM and EXE files by standard manner. It infects the memo
ry only if the INT 13h vector points to memory area with address lesser than add
ress of the first MCB. The virus changes the first 5 bytes into INT 13h, 21h, 22
h handlers to instruction...
Worm MFC71.dll Net-Worm.Win32.Mytob.a This network worm infects comput
ers running Windows. It is a Windows PE EXE file approximately 43KB in size, pac
ked using FSG. The unpacked file is approximately 143KB in size. The worm sprea
ds via a vulnerability in the Windows LSASS service. You can find information ab
out the vulnerability...
Malware msdadiag.dll Virus.DOS.ProtoVirus.720.a These are not dangerous
memory resident parasitic viruses. They hook INT 21h and write themselves to the
end of .COM files that are executed. The viruses contain the text string: ** P
rotoVirus v1.0 by Chr'92 ** and check it while installing into the system memor
y. If that string is altered, the...
Worm mstask.dll Net-Worm.Win32.Lovesan.a Lovesan is an Internet W
orm which exploits the DCOM RPC vulnerability in Microsoft Windows described in
MS Security Bulletin MS03-026. Lovesan is written in C using the LCC compiler.
The worm is a Windows PE EXE file about 6KB (compressed via UPX - 11KB when dec
ompressed). Lovesan downloads and...
Adware nddenb32.dll Virus.DOS.Beast.a This is a dangerous stealth viru
s that affects COM files, writing itself at the file beginning. A file is infect
ed as it is executed or closed. The beginning of the file is saved at the first
unused sector of the last cluster of the file. ? <----------- File -----------
--------------->...
Trojan nvgamesr.dll Trojan.Win32.Diamin.jn This Trojan has a malicious payl
oad. It is a Windows PE EXE file. It is 29392 bytes in size. It is packed usin
g UPX. The unpacked file is approximately 52KB in size. It is written in Delphi
. Installation When launched, the Trojan copies its executable file to the Wind
ows directory as...
Spyware nvwrspl.dll Trojan-PSW.Win32.LdPinch.byc This Trojan is designed
to steal user passwords. It is a Windows PE EXE file. The file is 43 377 bytes
in size. It is written in Assembler.
Adware olesvr.dll Virus.DOS.CriminalWW.1788 These are very dangerous
memory resident parasitic polymorphic viruses. They trace and hook INT 21h, the
n they write themselves to the end of COM and EXE files that are executed or ope
ned. Depending on their internal counters the viruses erase the MBR of the hard
drive and then display the message:...
Rogue prflbmsg.dll Virus.DOS.Holms.6161 It is not a dangerous memory res
ident parasitic polymorphic virus. It hooks INT 8, 1Ch, 21h, 28h and writes itse
lf to the end of COM and EXE files (except COMMAND.COM) that are executed or ope
ned. On INT 8 and INT 28h calls depending on its counters and system conditions,
the virus searches for the...
Adware raschap.dll Virus.DOS.Cheeba.1683 This is a memory resident harmle
ss virus which infects COM and EXE files by standard manner. It infects the memo
ry only if the INT 13h vector points to memory area with address lesser than add
ress of the first MCB. The virus changes the first 5 bytes into INT 13h, 21h, 22
h handlers to instruction...
Backdoor schedsvc.dll Backdoor.WinCE.Brador.a Brador.a is a backdoor (
a utility allowing for remote administration of the infected machine) for Pocket
PC based on Windows CE and newer version of Windows Mobile. It is written in
ASM for ARM-processors and is 5632 bytes in size. After Brador is launched it c
reates an svchost.exe file in the...
Malware shellstyle.dll Virus.DOS.Croatia_II.560 It is a very dangerous m
emory resident parasitic virus. It hooks INT 21h and writes itself to the end of
COM files that are executed. The virus deletes the CHKLIST.MS file, if it exist
s. On February 12th it erases the hard drive sectors and displays the message:
Croatia must be free ! (c) 1995 by...
Malware syskey.exe Virus.DOS.TaiPan.Chroot.727 This is a harmless memor
y-resident parasitic virus. It hooks INT 21h and writes itself to the end of EXE
files that are executed. This virus infects files that are executed, opened or
accessed by Get/Set File Attributes DOS call. It deletes the F-PROT anti-virus
and does not infect the file...
Dialer tscfgwmi.dll Exploit.PHP.Inject.f This exploit is designed to stea
l confidential information from Web application databases. It is a PHP file. It
is 1,610 bytes in size. It is not packed in any way. It is written in PHP.
Adware wiadefui.dll Virus.DOS.Gle.848 It is a dangerous memory residen
t virus that by standard way infects every started 10th EXE-file. It hooks INT 2
1h. On December, 24th it displays the text: "Gle&icirc;ileg j&oacute;l" and stop
s any file execution.
Dialer winhttp.dll Exploit.HTML.Ascii.b This exploit uses a vulnerabilit
y in Internet Explorer (CVE-2006-3227) to run on the victim machine. It is an HT
ML page. It is 3616 bytes in size. It is not packed in any way.
Spyware wpdshext.dll Trojan-PSW.Win32.LdPinch.ur This Trojan is designed
to steal user passwords. It is a Windows PE EXE file. The size of the infecte
d file may vary between 21KB to 86KB. It is packed using FSG.
Rogue xvidcore.dll Virus.DOS.Mabuhay.2660.b This is a very dangerous
virus. It hooks INT 21h and writes itself to the end of COM and EXE files that
are executed (except COMMAND.COM). It looks like modifications of the "Jerusalem
" virus. On June, 12th it displays the national flag of Philippines, the text me
ssage, erases the disk sectors and...