Trojan Library

Trojan.Flush.F is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.

PWSteal.Wayi is a Trojan horse that attempts to steal passwords for the Rexue Jianghu online game offered by wayi.com.tw. The Trojan sends the stolen information to a predetermined email address.

Trojan.Rohoteng is a Trojan horse that attempts to steal confidential information related to online games running on the compromised computer. It then attempts to send this information to some Web sites.

PWSteal.Drorar is a Trojan horse that attempts to steal system information and log keystrokes. It sends the gathered information to predetermined URLs.

Trojan.Schoeberl is a Trojan horse that downloads and executes remote files.

Trojan.Tooso.N is a Trojan Horse that attempts to lower security settings and download other threats. This risk is mailed by W32.Beagle.CG@mm.

Also Known As: Troj/Dropper-{BB, BC, BD} [Sophos]

Trojan.Hugesot is a Trojan horse that downloads remote files and attempts to start a command shell on the compromised computer.

Backdoor.Graybird.Q is a Trojan horse program that hides its presence on the compromised computer and downloads remote files.

Trojan.Tooso.M is a Trojan horse that lowers security settings by ending processes, stopping services, removing registry entries and deleting files.

Backdoor.Graybird.P is a Trojan horse program that hides its presence on the compromised computer and downloads remote files.

PWSteal.Reoxtan is a Trojan horse program that attempts to steal user names, passwords, and other computer information. It also attempts to lower security settings on the compromised computer.

Trojan.Flush.E is a Trojan horse that modifies the DNS server settings on a compromised computer and redirects the browser to potentially malicious Web sites.

Backdoor.Graybird.O is a Trojan horse that opens a back door and contacts a remote attacker for additional commands.

Trojan.Gargafx is a Trojan horse that downloads remote files and attempts to hide its presence on the compromised computer.

Trojan.Exphook is a password stealing Trojan horse that hooks Internet Explorer and searches local files in an attempt to collect passwords and other sensitive information from the compromised computer.

Trojan.Cdtray is a Trojan horse that repeatedly opens and closes the CD-ROM drive.

Trojan.Webus.I is a Trojan horse that connects to an IRC server and opens a back door on the compromised computer.

Trojan.Jupillites is a Trojan horse that runs as a proxy. It also performs an Internet Control Message Protocol (ICMP) Denial of Service attack against a predetermined computer.

Trojan.Secup is a Trojan that shows fake security warnings as a message box, icons in the system tray or popups, deceiving users into downloading and installing programs from possibly malicious Web sites.

Backdoor.Samkams is a Trojan horse with back door capabilities that allows a remote attacker to have unauthorized access to the compromised computer.

Backdoor.Berbew.S is a Trojan that steals passwords and opens a back door allowing a remote attacker unauthorized access to the compromised computer. The Trojan also attempts to lower security settings in Internet Explorer.

BAT.Trojan is a generic detection for various Trojan horse batch files.

SymbOS.Skulls.K is a Symbian Trojan horse that affects series 60 phones.
The Trojan overwrites several applications and installs a copy of SymbOS.Cabir.

Trojan.Riler.E is a back door Trojan horse that installs itself as a layered service provider (LSP), and allows a remote attacker to have unauthorized access to the compromised computer.

SymbOS.Doomboot.A is a Trojan horse that drops corrupt files and a copy of SymbOS.Commwarrior.B on to the compromised device. The Trojan runs on the Symbian OS, which is used as the operating system for Nokia Series 60 cellular telephones.

Trojan.Dermon.A is a Trojan horse that lowers security settings and attempts to download remote files.

Also Known As: Trojan-Dropper.Win32.Agent.lo [Kaspersky Lab], BackDoor-CIU [McAfee], Troj/Dermon-C [Sophos]

Trojan.Havedo is a Trojan horse that replaces %System%\cmd.exe with a fake command prompt window. It also attempts to execute copies of Visual Foxpro 6.0, if present on the compromised computer.

Trojan.Repsamo is a Trojan horse that downloads files and executes them. The Trojan may also be used as a back door or covert proxy.

PWSteal.Wowcraft is a password-stealing Trojan horse that attempts to steal the password to the "World of Warcraft" game and send it to the creator of the Trojan.

Backdoor.Berbew.T is a Trojan that opens a back door to allow a remote attacker unauthorized access to the compromised computer.