Articles in the CA Security Advisor Category

Win32/Tnega.ADXZ!suspicious
Posted in CA Security Advisor on 8 June 2011

Win32/Tnega is a family of Trojans that drop a malicious DLL component file and connect to a server for their backdoor routines.

 

Win32/Tedroo.PO!suspicious
Posted in CA Security Advisor on 8 June 2011

Win32/Tedroo is a family of bot-controlled Trojans designed to send mass and targeted spam email messages. It communicates with command-and-control servers to retrieve email details and SMTP servers.

 

Win32/Stration.AQA!suspicious
Posted in CA Security Advisor on 8 June 2011

Win32/Stration is a multi-component, mass-mailing worm that downloads and executes other components. Stration variants usually use code that is generated differently with each variant, along with varying encryption methods, in order to avoid detection by anti-virus vendors. The worm can also disable security-related services running on the affected system and modify the Windows Hosts file.

 

Win32/Swizzor.LOM!suspicious
Posted in CA Security Advisor on 8 June 2011

Win32/Swizzor is a family of Trojan downloaders that inject code into Internet Explorer to track the user's browsing behavior and serve adware and/or download other threats from the Internet.

 

Win32/Spyrat.NI!suspicious
Posted in CA Security Advisor on 8 June 2011

Win32/Spyrat is a family of Trojans generated from the known remote administration toolkit “Spy-Net”. Spyrat is capable of injecting itself into other running processes, enabling backdoor client-server functionality, employing rootkit technology to hide its presence on the affected system, monitoring and logging the user’s keystrokes and sending harvested logs/information via a remote FTP server, spreading itself via removable…

 

Win32/Small.ACA!suspicious
Posted in CA Security Advisor on 8 June 2011

Win32/Small is a family of Trojan downloaders written in a few lines of code. Each is a relatively small (often measured in kilobytes) piece of malicious code containing instructions to download and execute other malicious packages from the Internet.

 

Win32/Spyeye.ZY!suspicious
Posted in CA Security Advisor on 8 June 2011

Win32/Spyeye is a family of bot-controlled Trojans designed to capture keystrokes using the “form grabbing” method in Internet browsers such as Firefox and Internet Explorer. It employs rootkit technology to hide its process, files and registry entries on the infected system. It transmits harvested data to a remote server and may receive remote instructions to download and install other malicious files.

 

Win32/Sinowal.SK!suspicious
Posted in CA Security Advisor on 8 June 2011

Win32/Sinowal, aka “Torpig”, is a family of bot-controlled Trojans designed to steal sensitive information, including online banking credentials. It transmits harvested data to a remote server via an HTTP communication channel. Win32/Sinowal is distributed and installed by the Win32/Mebroot botnet.

 

Win32/SillyAutorun.FIG!suspicious
Posted in CA Security Advisor on 8 June 2011

Win32/SillyAutorun is a family of self-replicating programs that spread via removable and physical drives.

 

Win32/SillyBHO.GWK!suspicious
Posted in CA Security Advisor on 8 June 2011

Win32/SillyBHO is a family of Trojans that register themselves as a Browser Helper Object (BHO) and steal information about a user’s Internet browsing.