This program was detected by definitions prior to 1.175.2424.0 as it violated the guidelines by which Microsoft identified unwanted software. Based on analysis using current guidelines, the program does not have unwanted behaviors.

Trojan:Win32/Punad.G trojan is an executable written in Visual Basic. Once installed it attempts to redirect the browser to pay-per-click sites using Internet Explorer, possibly generating hits for third party affiliates.

Trojan:Win32/Rimecud.AC is a malicious program that is unable to spread of its own accord. It may perform a number of actions of an attacker's choice on an affected computer.

TrojanDownloader:Win32/Clicker.B is a trojan that silently downloads and installs other programs without consent. This could include the installation of additional malware or malware components to an affected computer.

This program was detected by definitions prior to 1.175.1915.0 as it violated the guidelines by which Microsoft identified unwanted software. Based on analysis using current guidelines, the program does not have unwanted behaviors.

TrojanClicker:Win32/Zirit.X is a generic detection for several variants of a trojan DLL which repeatedly visits web pages it is instructed to visit by a remote server. It may also result in the display of pop-ups.

Win32/Agent.UNX is multi-component malware that downloads files from a remote site and sends information about the affected system to an external location. The trojan consists of three elements – an installer, a dropper and a downloader.

Trojan:Win32/Zbot.CJ is a password stealing trojan with remote access functionality. This trojan may inject code into running processes and download files from a predefined Web site. In the wild, this trojan has been observed distributed in spam e-mail messages as an attachment named "World_CONFR.zip".

Trojan:Win32/Zbot.CJ is a password stealing trojan with remote access functionality. This trojan may inject code into running processes and download files from a predefined Web site. In the wild, this trojan has been observed distributed in spam e-mail messages as an attachment named "World_CONFR.zip".

Trojan:Win32/BHO.AH is a trojan component installed by TrojanDropper:Win32/Henbang.A. The trojan runs as part of an adware application that uses a Web browser helper object (BHO) to display advertisements based on Web surfing habits.

Trojan:Win32/BHO.AI is a trojan component installed by TrojanDropper:Win32/Henbang.A. The trojan runs as part of an adware application that uses a Web browser helper object (BHO) to display advertisements based on Web surfing habits.

Trojan:VBS/Startpage.G is a VBScript component that modifies Internet Explorer settings by adding hyperlinks to the favorites menu. 

Trojan:Win32/BHO.BF is a trojan that runs as a Web Browser Helper Object (BHO). When the Web browser is launched, the trojan will execute and capture user entered data.

Adware:Win32/AdRotator delivers advertisements, and as the name suggests, "rotates" advertisements among sponsors. AdRotator contacts remote Web sites in order to deliver updated content. This application also displays fake error messages that encourage users to download and install additional applications.

TrojanClicker:Win32/Vbadult.A is a trojan that launches Internet Explorer to open sites containing adult content.

Trojan:Win32/MotePro may display advertisement pop-ups, and download programs from predefined Web sites. When installed, Win32/MotePro runs as a Web Browser Helper Object (BHO).

Trojan:Win32/Fotomoto.A is a Trojan that lowers security settings, delivers advertisements, and sends system and network configuration details to a remote Web site.

Backdoor:Win32/Refpron.D is a backdoor trojan that may perform activities such as downloading and executing arbitrary files, deleting files, terminating files, and sending system information to a remote server. It may download components that allow it to collect per-click advertising revenue from other websites.

TrojanDownloader:Win32/Vorloma.A is a trojan that downloads and runs unwanted software or malware, such as TrojanSpy:Win32/Vorloma.A (a trojan spy that disguises itself as an antivirus security program and monitors banking and email websites).

You may download and run TrojanDownloader:Win32/Vorloma.A thinking it is a legitimate application.

In the wild, we have observed the trojan masquerading as a game cheat tool, game loader and as a tool used to fix computer game graphics. We have seen it distributed through legitimate software discussion forums. The trojan is not affiliated with the forum, rather the trojan's authors are using the reputable name of the forum to lure you into believing the file is legitimate.

EliteBar displays pop-up advertisements on the desktop and may take other actions without user consent. It may add its own toolbar in Internet Explorer, for which it may install a browser helper object (BHO). EliteBar may also change the user's Internet Explorer home page and add its own "favorites" URLs to the user's Favorites list. Elitebar employs user-mode rootkit techniques to hide some of its files, processes, and registry entries, so that these resources are not visible in system utilities such as Windows Explorer, Task Manager, and Registry Editor. Elitebar may be installed without notifying the user, and may silently download and install updates or other executable code.