F-Secure Malware Descriptions

Trojan-Spy:W32/ZBot.XF

Trojan-Spy:W32/ZBot.XF is a trojan-spy.

Trojan-spy applications attempt to steal online banking login-information and other sensitive data from the infected computer.

ZBot.XF also targets online poker and gaming sites.

Trojan:Java/Konov.A

Konov is a Java (J2ME) trojan.

Konov will work on most phones capable of executing Java programs. Once executed Konov will send SMS messages to premium rate numbers.

Trackware:W32/Tracking Cookie

Tracking cookies are files that track your web browsing habits.

Tracking cookies are browser settings that provide websites a unique ID for the user. The tracking cookies are constantly recreated when you browse the web.

Trojan-Spy:W32/Gimmiv.A

This type of trojan secretly installs spy programs and/or keylogger programs.

Trojan-Downloader:W32/FakeAlert.BG

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Trojan-Downloader:W32/Renos.GEN

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Worm:W32/AutoRun.NOI

AutoRun worm.

Net-Worm:W32/Koobface.BM

A type of worm that replicates by sending complete, independent copies of itself over a network.

Rootkit:W32/Agent.UI

A program or set of programs which hides itself by subverting or evading the computer's security mechanisms, then allows remote users to secretly control the computer's operating system.

Backdoor:W32/Hupigon.OGA

A remote administration utility which bypasses normal security mechanisms to secretly control a program, computer, or network.

Trojan-Downloader:W32/Tibs.VX

This malware downloads files into the system and executes them.

Trojan-Spy:W32/Goldun.RR

A type of trojan that includes a variety of spy programs and keyloggers.

Trojan-Dropper:W32/Hoaxer.B

This type of trojan contains one or more malicious files, which it will secretly install on the system.

Trojan-Downloader:W32/Agent.HSM

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Monitoring Tool:WinCE/BopSmiley.A

BopSmiley is a spying application for mobile phones using Windows PocketPC or Windows Smartphone operating systems.

When the application is active on a phone, it records both voice call and SMS information and sends the details to a third party server.

Adware:W32/AdRotator.GEN

Adware: A type of Advertising Display Software that delivers advertising content potentially in a manner or context that may be unexpected and unwanted by consumers.

Many adware applications also perform tracking functions, and therefore may also be categorized as Tracking Technologies.

Trojan:W32/Monder.GEN

Trojan.Win32.Monder.gen is generic detection of trojans that are involved in the installation of "Virtumonde" adware/spyware.

Backdoor:W32/IRCBot.DIG

A remote administration tool (RAT) which bypasses normal security mechanisms to secretly control a program, computer or network.

Trojan-Downloader:W32/Agent.HPS

Trojan-downloaders attempt to download and install new malware, spyware, or adware on the targeted computer. No graphical user interface can be seen; it will run in the background.

Backdoor:W32/IRCBot

Backdoors are Remote Administration Tools (RAT) that expose infected machines to external control via the Internet.

IRCBots are a type of "bot" that receive commands and are controlled via Internet Relay Chat (IRC).

Botnets have been used for sending spam remotely, installing more malware without consent, and other illicit purposes.

Rootkit:W32/Agent.UG

A program or set of programs which hides itself by subverting or evading the computer's security mechanisms, then allows remote users to secretly control the computer's operating system.

Worm:W32/AutoRun.GM

A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network.

Backdoor:W32/Hupigon.EMV

A backdoor is a Remote Administration Tools (RAT) that expose infected machines to external control via the Internet by remote attackers.

Trojan-Downloader:W32/ConHook.APX

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Worm:W32/Autorun.NDS

A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network.

Rootkit:W32/Agent.TZ

A program or set of programs which hides itself by subverting or evading the computer's security mechanisms, then allows remote users to secretly control the computer's operating system.

Trojan-Spy:W32/Banbra.RH

This type of trojan secretly installs spy programs and/or keylogger programs.

Trojan-Dropper:W32/Agent.FBB

This type of trojan contains one or more malicious programs, which it will secretly install and execute.

Worm:W32/Autorun.GA

A standalone malicious program which uses computer or removable drives to make complete copies of itself.

Worm:W32/VB.KQ

A standalone malicious program which uses computer or network resources to make complete copies of itself.

May include code or other malware to damage both the system and the network.

Worm:W32/Kaxela.A

A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network.

Backdoor:W32/Zapchast

A remote administration utility which bypasses normal security mechanisms to secretly control a program, computer or network.

Trojan-Spy:W32/Zbot

This type of trojan secretly installs spy programs and/or keylogger programs.

Backdoor:W32/Hupigon.OET

A remote administration utility which bypasses normal security mechanisms to secretly control a program, computer or network.

Email-Worm:VBS/Gedza.B

This type of worm is embedded in an e-mail attachment, and spreads using the infected computer's e-mailing networks.

Trojan-Downloader:HTML/IFrame.SV

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Trojan-Downloader:W32/Small.AAFH

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Trojan-Downloader:W32/Exchanger.AJ

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Trojan-Downloader:JS/Agent.CTL

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Trojan-Downloader:JS/Agent.CKK

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Trojan-Downloader:HTML/IFrame.SU

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Trojan-Downloader:JS/Agent.CKL

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Trojan-PSW:W32/Nilage.AFZ

Trojan-PSW:W32/Nilage.AFZ attempts to steal username and password information for the Lineage MMORPG.

Trojan-Downloader:JS/Agent.CTK

This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.

Worm:SymbOS/Commwarrior

Commwarrior is a worm that operates on Symbian Series 60 2nd Edition devices.

The worm is capable of spreading itself via Bluetooth and MMS.

Rogue:W32/Rogue antispyware

Dishonest antivirus software which tricks users into buying or installing it, usually by infecting a user's computer, or by pretending the computer is infected.

Rogue:W32/XPAntivirus

XP Antivirus is a "rogue" security program that claims to detect and remove malicious software, but gives fake and exaggerated scan results in an attempt to trick people into purchasing the program.

This rogue program is commonly downloaded and installed via trojans without consent and even hijacks the user's desktop to display misleading and alarming messages.

Trojan-Downloader:W32/Exchanger

Trojan-Downloader:W32/Exchanger variants download additional malicious software onto the infected system.

Worm:W32/Autorun.BHX

Worm:W32/Autorun.BHX spreads by copying itself to removable drives and attempts to steal username and password information for several different online games.

Trojan:W32/Agent.FVO

Trojans are malicious programs that pretend be to benign. Trojans do not replicate themselves.