F-Secure Malware Descriptions

Worm:W32/Downadup.AL

A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network.

Exploit:SymbOS/SMSCurse.A

Exploit:/SymbOS/SMSCurse.A is a Denial-of-Service (DoS) exploit that affects messaging components of phones that use Symbian Series 60 versions 2.6, 2.8, 3.0, 3.1, and Sony Ericsson UiQ devices.

When the exploit crashes SMS messaging on a phone, the phone remains otherwise completely functional. The only effect is that it cannot receive any new SMS/MMS messages.

Email-Worm:W32/Waledac.A

This type of worm is embedded in an e-mail attachment, and spreads using the infected computer's e-mailing networks.

Trojan-Downloader:W32/Banload.FVQ

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Trojan-Spy:W32/Banbra.RM

This type of trojan secretly installs spy programs and/or keylogger programs.

Trojan-Dropper:W32/Ambler.D

This type of trojan contains one or more malicious programs, which it will secretly install and execute.

Backdoor:W32/Agent.IFX

Backdoors are Remote Administration Tools (RAT) that expose infected machines to external control via the Internet.

Trojan-Spy:W32/Ambler.C

This type of trojan secretly installs spy programs and/or keylogger programs.

Exploit:JS/Agent.IHL

Exploit:JS/Agent.IHL is JavaScript, usually found on malicious or compromised websites.

It is used to silently install malicious software onto the website visitor's system.

Worm:W32/AutoRun.DMO

A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network.

Trojan:W32/DNSChanger.ARNF

A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. The program is often started by the user, and it does not usually replicate.

Trojan-Dropper:W32/Agent.FLN

This type of trojan contains one or more malicious programs, which it secretly installs and executes.

Toolbar:W32/SweetIM

SweetIM is an instant messenger add on.

Worm:W32/Downadup

A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network.

Net-Worm:W32/Koobface.CY

A type of worm that replicates by sending complete, independent copies of itself over a network.

Net-Worm:W32/Koobface.CZ

A type of worm that replicates by sending complete, independent copies of itself over a network.

Backdoor:W32/TDSS

A remote administration utility which bypasses normal security mechanisms to secretly control a program, computer or network.

Trojan:W32/Krap.B

This detection is of "packed" software. Packers are used to compress files and to disguise the malicious contents.

Backdoor:W32/SdBot.CNJ

Backdoor:W32/SdBot.CNJ is a piece of malicious software that tries to disable various firewalls and antivirus programs, steal passwords from the infected machine and spread through removable media devices

Trojan-Downloader:W32/Agent.IDO

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Worm:W32/Autorun.KK

A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network.

Rogue:W32/VirusRemover2008.C

"Rogue" software is an antivirus or antispyware program that tricks users into buying or installing it, usually by infecting a user's computer, or by pretending the computer is infected.

Worm:W32/AutoIt.Q

This malware spreads by copying itself to removable devices and replacing the autorun.inf of the device with its own copy to ensure automatic execution.

Trojan:W32/Feedel

A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.

Trojan-Downloader:OSX/Jahlev.A

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Worm:W32/Autorun.KD

A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network.

Trojan-Spy:W32/ZBot.XF

Trojan-Spy:W32/ZBot.XF is a trojan-spy.

Trojan-spy applications attempt to steal online banking login-information and other sensitive data from the infected computer.

ZBot.XF also targets online poker and gaming sites.

Trojan:Java/Konov.A

Konov is a Java (J2ME) trojan.

Konov will work on most phones capable of executing Java programs. Once executed Konov will send SMS messages to premium rate numbers.

Trackware:W32/Tracking Cookie

Tracking cookies are files that track your web browsing habits.

Tracking cookies are browser settings that provide websites a unique ID for the user. The tracking cookies are constantly recreated when you browse the web.

Trojan-Spy:W32/Gimmiv.A

This type of trojan secretly installs spy programs and/or keylogger programs.

Trojan-Downloader:W32/FakeAlert.BG

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Trojan-Downloader:W32/Renos.GEN

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Worm:W32/AutoRun.NOI

AutoRun worm.

Rootkit:W32/Agent.UI

A program or set of programs which hides itself by subverting or evading the computer's security mechanisms, then allows remote users to secretly control the computer's operating system.

Backdoor:W32/Hupigon.OGA

A remote administration utility which bypasses normal security mechanisms to secretly control a program, computer, or network.

Trojan-Downloader:W32/Tibs.VX

This malware downloads files into the system and executes them.

Trojan-Spy:W32/Goldun.RR

A type of trojan that includes a variety of spy programs and keyloggers.

Trojan-Dropper:W32/Hoaxer.B

This type of trojan contains one or more malicious files, which it will secretly install on the system.

Trojan-Downloader:W32/Agent.HSM

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Monitoring Tool:WinCE/BopSmiley.A

BopSmiley is a spying application for mobile phones using Windows PocketPC or Windows Smartphone operating systems.

When the application is active on a phone, it records both voice call and SMS information and sends the details to a third party server.

Adware:W32/AdRotator.GEN

Adware: A type of Advertising Display Software that delivers advertising content potentially in a manner or context that may be unexpected and unwanted by consumers.

Many adware applications also perform tracking functions, and therefore may also be categorized as Tracking Technologies.

Trojan:W32/Monder.GEN

Trojan.Win32.Monder.gen is generic detection of trojans that are involved in the installation of "Virtumonde" adware/spyware.

Backdoor:W32/IRCBot.DIG

A remote administration tool (RAT) which bypasses normal security mechanisms to secretly control a program, computer or network.

Trojan-Downloader:W32/Agent.HPS

Trojan-downloaders attempt to download and install new malware, spyware, or adware on the targeted computer. No graphical user interface can be seen; it will run in the background.

Backdoor:W32/IRCBot

Backdoors are Remote Administration Tools (RAT) that expose infected machines to external control via the Internet.

IRCBots are a type of "bot" that receive commands and are controlled via Internet Relay Chat (IRC).

Botnets have been used for sending spam remotely, installing more malware without consent, and other illicit purposes.

Rootkit:W32/Agent.UG

A program or set of programs which hides itself by subverting or evading the computer's security mechanisms, then allows remote users to secretly control the computer's operating system.

Worm:W32/AutoRun.GM

A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network.

Backdoor:W32/Hupigon.EMV

A backdoor is a Remote Administration Tools (RAT) that expose infected machines to external control via the Internet by remote attackers.

Trojan-Downloader:W32/ConHook.APX

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Worm:W32/Autorun.NDS

A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network.