Trojan Horse Injector

Trojan Horse Injector is a generic detection for variants of Trojan that injects a malicious code on web files. This threat may possess payload to alter web site’s layout and to infect visitor’s computer with the injected codes. Since this is a typical detection process for different types, symptoms and effects may vary from one infection to another. Although, one common indication for an infected computer is alert messages originating from installed antivirus program stating compromised .php, .htm, and .html files. More

Obfuscated Script.f!58

Obfuscated Script.f!58 is an identification given to any web pages that are modified to host malicious content. This detection is for Obfuscated Java Script code that Trojan has injected to compromised web page. The script intends to drop additional malware onto visitor’s computer that causes Internet browser to redirect to unwanted web site hosting more threats. Authors conceal Obfuscated Script.f!58 from security program by using a complicated method in running its process on the system. It may inject code to system processes in order to hide the Trojan’s activity. More


TROJ_SMALL.UY is a Trojan that can drop another threat on to the infected computer. People may acquire this by visiting malicious websites. This Trojan will pretend as a legitimate Adobe Flash player updated to penetrate and install itself on victim’s computer. Presence of TROJ_SMALL.UY may set off malfunctions in Windows operating system. It can also endanger the privacy of computer users by exposing sensitive data to an attacker. More


Win32/Delf.OHS is a trojan program that provides a remote unauthorized  control over the infected computer.  Win32/Delf.OHS is a Windows PE EXE file, written in Borland Delphi and compressed using ASPack. This Trojan will connect to an IRC server via TCP port 3195 and receive commands from the remote attacker.


Win32.Virut.56 or also known as Virus:Win32/Virut.BN, propagates by infecting .exe and .scr files on a computer and network-shared resources. Win32.Virut.56 comes from the Virut family of Trojan that has infected millions of computers worldwide. These types of Trojans may corrupt the operating system because it tends to infect mostly system files. Due to immense damage, virus removal from affected files is often impossible. This may result for Windows operating system to fail. When that happens, only solution left is reformatting the hard drive and installing a fresh copy of Windows. More


Packed.Win32.Tdss.f is a Trojan that can hide its presence when infecting system files by injecting a code on legitimate Windows processes. This highly advanced method of infection is called rootkit technique. Packed.Win32.Tdss.f is also capable of creating a backdoor port to allow a remote attacker to gain full access on the compromised computer without user’s consent. This approach may give an attacker access to sensitive data that are stored on the system. More



Packed.Generic.200 is a usual detection for malicious files that were packed or encrypted to conceal itself from antivirus programs. Packed.Generic.200 can further harm the computer by downloading more threats from a remote server. This detection may cover Backdoor.Tidserv, Trojan.Fakeavalert, Trojan.Zlob families. Malware authors typically encrypt the Trojan using a packer that in not commonly used for lawful intention. More


WMA.Wimad.Drp is a detection method to identify malicious or infected MP3 files. This Trojan usually spreads through file-sharing networks and infects multimedia files on victim’s computer. The Trojan may also infect several driver and dynamic link library (DLL) files on the compromised system. More

Trojan.Mournor or W32.Mournor

Trojan.Mournor or W32.Mournor is a computer worm that alters certain system files and downloads additional threats coming from a remote server. The worm may propagate by infecting removable USB drives and network shared drives that have weak protection. It replaces genuine explorer.exe file with a modified one and moved it to a different folder. This method will allow the Trojan to execute when user opens Windows Explorer. More



Backdoor.Tidserv is a Trojan horse that allows remote unauthorized access on infected computer by creating a backdoor port. Backdoor.Tidserv remains hidden from the system with its use of advanced rootkit techniques. Once inside the computer, this Trojan can redirect Internet browser’s search result to a set of web addresses. Upon visiting said web sites, the Trojan will display pop-up ads and fake virus scanners to promote a rogue security product. More