F-Secure
Backdoor:OSX/MacKontrol.A
Backdoor:OSX/MacKontrol.A connects to a remote server to receive further instructions, without the user's knowledge or permission.
Backdoor:OSX/Sabpab.A
Backdoor:OSX/Sabpab.A connects to a remote server to receive further instructions, without the user's knowledge or permission.
Backdoor:OSX/Olyx.C
Backdoor:OSX/Olyx.C connects to a remote server to receive further instructions, without the user's knowledge or permission.
Backdoor:OSX/Olyx.B
Backdoor:OSX/Olyx.B connects to a remote server to receive further instructions, without the user's knowledge or permission.
Trojan:W32/Ransomcrypt
Trojan:W32/Ransomcrypt is ransomware that encrypts files on the affected computer and demands payment in order to provide a password decrypting the affected files.
Trojan:W32/Reveton
Trojan:W32/Reveton is a ransomware application. It fraudulently claims to be from a legitimate law enforcement authority and prevents users from accessing their infected machine, demanding that a 'fine' be paid to restore normal access.
Trojan-Downloader:OSX/Flashback.K
Trojan-Downloader:OSX/Flashback.K connects to a remote site to download its payload; on successful infection, the malware modifies targeted webpages displayed in the web browser.
Backdoor:W32/Binanen.A
A dropper Trojan that contains malicious or potentially unwanted software, which it 'drops' and installs on the affected system.
Trojan-Downloader:OSX/Flashback.I
Trojan-Downloader:OSX/Flashback.I connects to a remote site to download its payload; on successful infection, the malware redirects web traffic.
Trojan-Dropper:OSX/Revir.C
Trojan-Dropper:OSX/Revir.C silently drops other malicious programs onto the machine; on execution, Revir.C displays a titillating image to distract the user from the program's malicious activities.
Exploit:Java/Blackhole
Exploit:Java/Blackhole identifies a Java class module used as part of an exploit kit known as Blackhole.
Application:W32/InstallCore
InstallCore is an advertising module that displays targeted advertising material.
Rootkit:W32/ZAccess
Rootkit:W32/ZAccess constantly displays advertisements on the infected machine and may silently contact remote servers to retrieve additional advertising information.
Backdoor:OSX/DevilRobber.A
Backdoor:OSX/DevilRobber.A silently installs applications related to Bitcoin-mining; it may also harvest data from the infected machine and listen for additional commands from a remote user.
Backdoor:OSX/Tsunami.A
Backdoor:OSX/Tsunami.A is a distributed denial-of-service (DDoS) flooder that is also capable of downloading files and executing shell commands in an infected system.
Trojan-Downloader:OSX/Flashback.C
Trojan-Downloader:OSX/Flashback.C poses as a Flash Player installer and connects to a remote host to obtain further installation files and configuration.
Trojan-Downloader:OSX/Flashback.B
Trojan-Downloader:OSX/Flashback.B poses as a Flash Player installer, and connects to a remote host to obtain further installation configuration and files.
Trojan-Dropper:OSX/Revir.B
Trojan-Dropper:OSX/Revir.B drops and executes a backdoor program onto the system, while camouflaging its activity by opening a JPG file to distract the user.
Monitoring-Tool:Android/SimChecker.A
Monitoring-Tool:Android/SimChecker.A collects geolocation and other device information, and sends out this information via SMS messages and e-mails.
Trojan-Downloader:OSX/Flashback.A
Trojan-Downloader:OSX/Flashback.A poses as a Flash Player installer, and connects to a remote host to obtain further installation configuration and files.
Backdoor:OSX/Imuler.A
Backdoor:OSX/Imuler.A contacts a remote server for instructions; it may then steal files or capture a screenshot of the infected computer system, which is then forwarded to the remote server.
Trojan-Dropper:OSX/Revir.A
Trojan-Dropper:OSX/Revir.A drops a downloader component that downloads a backdoor program onto the system, while camouflaging its activity by opening a PDF file to distract the user.
Worm:W32/Morto.A
Worm:W32/Morto.A propagates through Remote Desktop Services on Windows servers by brute-forcing the login credentials of the server.
Trojan:Android/GinMaster.A
Trojan:Android/GinMaster.A steals confidential information from the device and sends it to a remote website.
Trojan:W32/Yakes
Trojan:W32/Yakes variants attempt to connect to and download files from remote servers.
Trojan:Android/DroidKungFu.C
Trojan:Android/DroidKungFu.C forwards confidential details to a remote server.
Trojan:Android/AutoSPSubscribe.A
Trojan:Android/AutoSPSubscribe.A is a malicious app that targets Android users in China, and is distributed through unofficial markets.
Trojan:BASH/QHost.WB
Trojan:BASH/QHost.WB hijacks web traffic by modifying the hosts file.
Trojan:Android/YZHCSMS.A
Trojan:Android/YZHCSMS.A sends SMS/MMS messages to premium rate numbers, potentially incurring unexpected/unwanted usage charges.
Monitoring-Tool:Android/SpyBubble.A
Monitoring-Tool:Android/SpyBubble.A is a commercially available tracking tool.
Trojan:Android/BaseBridge.A
Trojan:Android/BaseBridge.A forwards confidential details to a remote server.
Spyware:Android/Flexispy.K
Spyware:Android/Flexispy.K is a commercially available monitoring program.
Rogue:OSX/FakeMacDef.A
Dishonest antivirus software which tricks users into buying or installing it, usually by infecting a user's computer, or by pretending the computer is infected.
Trojan:W32/Murofet.A
This trojan attempts to download a file (presumably malicious) from a randomly generated domain.
Virus:W32/Ramnit.N
A program that secretly and maliciously integrates itself into program or data files. It spreads by integrating itself into more files each time the host program is run.
Backdoor:W32/Knockex.A
A remote administration utility that bypasses normal security mechanisms to secretly control a program, computer or network.
Trojan-Downloader:W32/Kazy-17907
This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.
Trojan-Downloader:W32/KDV-176347
This type of trojan secretly downloads malicious files from a remote server, then installs and executes the files.
Exploit:W32/MSWord6.Gen
This detection identifies a Microsoft Word document that has been modified to perform an unauthorized, malicious action.
Exploit:W32/D-Encrypted.Gen
A program or technique that takes advantage of a vulnerability to remotely access or attack a program, computer or server.
Trojan:W32/AntiAV
Also known as a trojan horse program, this is a deceptive program that performs additional actions without the user's knowledge or permission. It does not replicate.
Worm:ACAD/Kenilfe.A
The worm is a malicious AutoCAD program that propagates via removable drives. It also attempts to download Visual Basic Scripts from remote servers, if certain conditions are met.
Adware:W32/ClickPotato.A
This program delivers advertising content to the user. It is usually annoying but harmless, unless it is combined with spyware or trackware.
Backdoor:W32/Spyrat.D
A remote administration utility that bypasses normal security mechanisms to secretly control a program, computer or network.
Rogue:W32/SystemTool
This detection identifies a malicious program, typically used to deceive users into purchasing a fake application.
Backdoor:W32/Bohu.A
This program installs various files onto the system. Among the components installed are: a backdoor which connects to an external site to obtain updates and other settings; and a component that monitors web traffic to various search engines in China and the domains of certain antivirus (AV) vendors.
Packed:W32/PeCan.A
This program is packed using a packer program associated with numerous other malware.
Rootkit:W32/Zxshell.B
Rootkit:W32/Zxshell.B is dropped by Backdoor:W32/Zxshell.A and basically functions as a protection mechanism for its main payload file.
Backdoor:W32/Zxshell.A
Backdoor:W32/Zxshell.A is a DLL file with an exported function ("Install"), which is called to install the backdoor.
Other:W32/False Positive
This detection was unintentionally triggered on a JavaScript file associated with Google Analytics. A Hydra exclusion for this detection (2010-12-10_01) was released at 0052 UTC on 10th December, followed by an Aquarius database update (2010-12-10_03) released at 0215 UTC which removes the detection entirely. Please ensure your database is updated to resolve this issue.
Worm:W32/Todon.I
Worm:W32/Todon.I is a worm that spreads to new victim machines via infected removable and network drives. The worm also has trojan-downloader capabilities, as it attempts to download additional files from remote servers.
Trojan:JS/Obfuscated.Gen
Trojan:JS/Obfuscated.Gen is a Generic Detection that identifies malicious HTML, JavaScript, PDF, or other scripting files that contain obfuscated code, which malware authors may use to evade antivirus signature detection and to make malicious scripts harder to discover and analyze.
Backdoor:WinCE/PhoneCreeper.A
Backdoor:WinCE/PhoneCreeper.A provides unauthorized remote access to a mobile device.
Other:W32/Generic
Other:W32/Generic is a Generic Detection for a wide range of malicious programs, such as trojans, worms and keyloggers.
Application:W32/Keygen
Application:W32/Keygen identifies non-malicious files used to emulate a Microsoft Key Management Server in order to use cracked license keys for Windows 7.
Trojan:SymbOS/ZeusMitmo.A
When installed on a mobile phone, this trojan monitors all incoming SMS messages and acts as a backdoor for receiving commands sent by an attacker via SMS messages.
Worm:W32/Downadup.AL
Worm:W32/Conficker.AL is a variant of Worm:W32/Downadup that can spread using three different methods and is capable of hiding its actions on the infected machine, as well as downloading files from remote sites.
Worm:W32/Downadup.A
Worm:W32/Downadup exploits a vulnerability in the Windows Server service to spread copies of itself across a network. The worm also attempts to download files from a remote server.