resycled\ntldr.com is a worm that usually spreads on local and removable USB drives. resycled\ntldr.com can modify system files and prevent access on the infected drives. When removed with antivirus it will display a message “resycled\ntldr.com is not a valid Win32 application” because some remnants are still present.

Worm.Yaha.L is a worm that can gather email addresses on compromised computer and spreads via mass-mailing itself on collected contacts and creates its own SMTP engine. Worm.Yaha.L can end security-related process and prevent users from accessing security websites.

Win32.Zafi.B is a threat being displayed by a fake antivirus program to trick computer users and forced them to acquire an illegitimate and unwanted security application. On some instances, if the threat was detected by a legitimate and known antivirus programs, Win32.Zafi.B is a real threat and may be given attention before it futher harm your computer.

Win32/Conficker.V is a worm that took advantage of the system vulnerability (MS08-067) to spread and make a copy of itself in the System directory with a random filename. Win32/Conficker.V embed itself into “services.exe” process to run itself when Windows is started.

VBS_AUTORUN.HAI is a malicious VBS file that can be obtained from websites or it can be dropped by a malware. VBS_AUTORUN.HAI can run itself on infected computer by creating a registry entries.

W32.Mariofev.worm is a worm that can propagate itself by creating a copy on local drives and unsecured network shares.

Win32/Conficker.A is a worm that spreads by exploiting the MS08-067 vulnerability. Execution of Win32/Conficker.A can create a service in Windows so that the worm loads itseld when Windows is started.

Backdoor Win32.Sdbot.aad is a worm that spreads via unprotected network shares and peer-to-peer connections. Backdoor Win32.Sdbot.aad privides a backdoor server which allows a remote intruder to gain full access on infected computer.