Trojan

• Bifrost ( 336 Articles )
  This is the currently hot category if virus. I can see dozens of variants everyday. Therefore I had to create a special category for it
• Voronezh ( 17 Articles )
  This virus is identified as
  
  • Voronezh.1600.A [PCTools]
  • Trojan.Gen [Symantec]
  • Trojan.Win32.Buzus.dzbl [Kaspersky Lab]
  • VirTool:Win32/VBInject.gen!DP [Microsoft]
• GameThief ( 13 Articles )
  It is a type of trojan virus that tries to steal the user names and passwords of users playing Internet Games.
• ZBot ( 264 Articles )
  ZBot Trojan is a banking trojan that disables firewall, steals sensitive financial data (credit card numbers, online banking login details), makes screen snapshots, downloads additional components, and provides a hacker with the remote access to the infected computer. It keeps itself hidden by making its files and folders as Hidden files/folders.
• Dropper ( 27 Articles )
  Trojan-Dropper.Agent or Trojan-Downloader.Agent is a threat that drops malicious files. It  is a trojan with rootkit capabilities which is able to hide malware on infected machines. It contacts a remote server to get a list of files to download and install other malware on the affected machine. It also attempts to disable security-related applications based on their filenames.
• Proxy.Slaper ( 12 Articles )
  Trojan-Proxy.Slaper is a virus that compromises computer by opening a proxy server on it. It is a variant of Trojan.Mailbot that allows a infected system to be used as a spam-email server.
• W32.Bancos ( 112 Articles )
  W32/Bancos, is known by different names
  
  Win-Trojan/Bancos (AhnLab)
  • W32/Bancos (Authentium (Command))
  • Trojan horse PSW.Banker3 (AVG)
  • Trojan.Spy.Banker (BitDefender)
  • Win32/Bancos (CA)
  • Trojan-Banker.Win32.Bancos (Kaspersky)
  • PWS-Banker.gen.i (McAfee)
  • Trj/Bancos (Panda)
  • Troj/Banker (Sophos)
  • Infostealer.Bancos
  It steals the sensitive information like usernames/ passwords/ credit card details/ banking account details etc, using a keylogger component and a mailing component. It sends this data to a hacker who had created that virus.
• W32.Sality ( 151 Articles )
  W32 Sality is a polymorphic file infector that target Windows executable files with extensions .SCR or .EXE. It may delete files with certain extensions and terminates security-related processes and services.
• Chifrax ( 10 Articles )
  Trojan:W32/Chifrax is a family of maliciously modified self-extracting archive executable files (SFX RAR files) that drop and execute arbitrary malware
• Azvhan ( 1 Article )
  Trojan.Azvhan is a Trojan horse virus that can launch denial of service (DoS) attacks and opens a back door on the infected computer.
• Backdoor.Beastdoor ( 11 Articles )
  Backdoor.Beastdoor  embeds itself into explorer.exe and iexplore.exe which can run without notice by the user. This trojan behaves as a backdoor which can be configure to disable firewalls and AV applications. Once run, it allows attacker to gain access and control over the infected machine. This trojan is also capable of sending notification to the attacker via email and ICQ.
• Vundo ( 16 Articles )
  Trojan.Vundo or Virtumonde is a component of an adware program that displays pop-up ads on an infected computer. It could be installed after visiting a Web site link from a spam mail. It typically registers a 32-bit in-process server DLL and creates a Browser Helper Object (Microsoft's Internet Explorer plugin module). It loads its DLL files in the address space of legitimate windows processes and of other legitimate applications so as to hide its presence on the computer.   I will list the different variations of this virus under this category.
• Safis ( 1 Article )
  Trojan.Sasfis is a Trojan horse that downloads and executes other files.
• Bamital ( 29 Articles )
  Trojan Win32 Bamital is a trojan often installed by other malware. It monitors and modifies Web search queries and displays advertisements. It is triggered when the browser is Internet Explorer, Opera, Firefox, Chrome, or Safari.
• Win32 Sefnit ( 9 Articles )
  This is a new Trojan virus. Some notable points are that it creates a folder that looks like some legitimate program, and also creates a DLL file with the same name. Thus creating an illusion of it being something important or useful.
• Win32 VBInject ( 23 Articles )
  Win32 VBInject is obfuscated Visual Basic compiled malicious code. The malicious code or file is usually encrypted and/or compressed, and is decrypted and decoded before it is injected into a process or dropped and executed.
• Backdoor LolBot ( 3 Articles )
  This virus/ worm Backdoor LolBot is known to communicate with a remote IRC channel , this can be used to hack into the computer.
• Backdoor ( 5 Articles )
  A malicious backdoor trojan runs in the background and allows remote access to the compromised system
• Saluni ( 1 Article )
  Trojan Saluni is a Trojan horse that attempts to steal information from the compromised computer. It is also known as Infostealer.Saluni, Trojan-PSW.Saluni
• Downloader ( 42 Articles )
  A program that downloads harmful files to the infected computer
• Lineage ( 1 Article )
  Infostealer Lineage is a Trojan virus which steals the password to the "Lineage" online game and sends it to the hacker
• QQPass ( 2 Articles )
  Hacktool PWS QQPass is a Trojan creation tool. The Trojans created with this tool can be programmed to steal dial-up networking telephone numbers and passwords, as well as the passwords of OICQ, a popular Chinese chat program
• Win32.Scar ( 5 Articles )
  Trojan Win32.Scar  is a malicious trojan horse or bot
• VBKrypt ( 15 Articles )
  Trojan VBKrypt is a trojan virus that infects the computer through an email attachment. 
• Win32 Venik ( 10 Articles )
  It is a Trojan  Backdoor. It creates a semi randomly named DLL file in the C:\Windows\System32 folder. It also creates a malicious service.
• Zefarch ( 61 Articles )
  

  Trojan Zefarch is also known as Malware Hiloti
  

• Goriadu ( 1 Article )
  Trojan Win32 Goriadu is a trojan which tries to download other harmful virus files from the Internet. It is probably a part of other malware.
• Win32 Comame ( 2 Articles )
  It is identified as Trojan Win32/Comame by Microsoft. 
• Poison ( 16 Articles )
  It is a backdoor trojan virus. it is also known as Win32.Poison, Trojan.Win32.Genome etc. There are several variations of this virus
• Win32 Malagent ( 5 Articles )
  Trojan:Win32/Malagent Downloads and executes arbitrary files, modifies registry, Creates remote threads in external processes.
• Win32 Ircbrute ( 2 Articles )
  Trojan Win32 Ircbrute is a backdoor Trojan that use Internet Relay Chat (IRC) for remote command and control of the affected computer
• Spyeye ( 97 Articles )
  Trojan Win32 Spyeye is a trojan that captures keystrokes and steals login credentials through a method known as "form grabbing". It then sends the captured data to a hacker. It can update itself and has a rootkit component to hides it's activities.
• Gootkit ( 1 Article )
  Win32/Gootkit.C is a trojan virus that installs another virus Win32.Conficker
• Swizzor ( 2 Articles )
  It is also known as Trojan.Gen,Trojan.Win32.Swizzor.d,Mal/Swizzor-K Action:Trojan.Gen,Trojan.Win32.Swizzor.d,Mal/Swizzor-K. It deletes the Safeboot registry keys in an attempt to disable safeboot on the computer.
• Banload ( 9 Articles )
  Win32 Banload is a family of trojans that downloads other malware. These downloaded malware steal banking credentials and other sensitive data, and send it back to a hacker
• ServStart ( 5 Articles )
  Trojan:Win32/ServStart.A is a trojan that allows limited remote access and control and that connects to a remote server to report its installation on an affected computer.
• Momibot ( 8 Articles )
  Backdoor Win32 Momibot is a backdoor trojan that connects to hackers IRC servers to perform various actions on the infected computer
• Carberp ( 1 Article )
  It is named as TrojanDownloader:Win32/Carberp.A, Packed.Win32.Krap.ao etc
  
• Murlo ( 2 Articles )
  It is named as Trojan-Downloader.Win32.Murlo.frl
• Zapchast ( 11 Articles )
  Backdoor:IRC/Zapchast opens a backdoor on the infected computer.
  It installs the mirc chat client, and uses that client to connect to an IRC server which allows attackers to remotely administer the Trojan.
• Magania ( 16 Articles )
  This virus is named as Trojan-GameThief.Win32.Magania.dmdr by Kaspersky Lab
• Bredolab ( 1 Article )
  Trojan.Bredolab is a Trojan horse that downloads and executes a file from the Internet.
• Adload ( 1 Article )
  This category ov viruses are identified as Trojan-Downloader.Win32.Adload by Kaspersky Lab
• Cosmu ( 4 Articles )
  This virus is identified as Trojan.Win32.Cosmu by Kaspersky Lab
• Oficla ( 26 Articles )
  Trojan:Win32/Oficla is a family of trojans  that attempts to inject code into a running process to download a rogue security program
• Banbra ( 21 Articles )
  Trojan Banbra is a banking Trojan, that attempts to steal banking related information from the infected computer
• Cetorp ( 42 Articles )
  Win32 Cetorp is a malicious Trojan that contains backdoor functionality that gives an unauthorized user access to an affected machine.
• Exploit.Java.Agent ( 8 Articles )
  Exploit:Java/Agent identifies various specially-crafted Java Class files that exploit vulnerabilities in the Java Virtual Machine (VM) to download and execute malicious files on the affected machine.
• ADH ( 6 Articles )
  Trojan.ADH is a name given to entirely new malware threats without traditional signatures. These are malicious software that has been intentionally mutated or morphed by attackers.
• Generic ( 716 Articles )
  These are the viruses identified as generic Trojan Horse.
• Hupigon ( 6 Articles )
  Win32/Hupigon is a family of backdoor Trojans.
• GrayBird ( 6 Articles )
  Backdoor.Graybird is a back door Trojan Horse that gives its creator unauthorized access to your computer.
• Singu ( 4 Articles )
  Singu is a back door Trojan virus that allows unauthorized access to the infected computer. It also attempts to update itself over the Internet.
• Clampi ( 10 Articles )
  Trojan.Clampi, also known as Ligats and Ilomo,  attempts to steal login credentials related to online banking and other financially related websites.
• Flush ( 2 Articles )
  Trojan Flush is known to impacts network traffic with Address Resolution Protocol (ARP) requests and lowers security settings. It is also named as Win32.PolyCrypt, Win32/Obfuscator, Win32.DNSChanger
• Stuxnet ( 15 Articles )
  W32 Stuxnet targets industrial control systems in order to take control of industrial facilities, such as power plants.
• Backdoor ( 2 Articles )
  A backdoor in a computer system is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device. You can read more about backdoor on Wikipedia
  
• Vilsel ( 3 Articles )
  Is also known as Trojan.Gen [PCTools], Trojan.Gen [Symantec], Trojan.Win32.Vilsel [Kaspersky Lab],
  Generic.dx! [McAfee], Virus.Win32.OnLineGames [Ikarus], packed with: UPX [Kaspersky Lab]
• Progent ( 4 Articles )
  Trojan.Progent is Trojan Horse that steals sensitive information (login name/ passwords/ banking details etc)  from the infected computer  and send it to the hacker
• StartPage ( 4 Articles )
  Trojan.StartPage changes a browser’s home page. It may exploit the browser to run other threats, or lead to rogue/ fake programs
• Slugin ( 2 Articles )
  W32.Slugin.A is a virus that opens a back door and spreads by infecting EXE files found on all drives accessible from the infected computer.
• Comisproc ( 3 Articles )
  Trojan:Win32/Comisproc is a virus that may drop malicious files in the Windows and Windows system folders.
• Bootkit ( 1 Article )
• Cycbot ( 1 Article )
  Backdoor.Cycbot,  Cycbot!gen2, Win32.Gbot is a Trojan horse that opens a back door on the infected computer.
• Malcol ( 2 Articles )
  It is a new trojan virus
• Panddos ( 2 Articles )
  Trojan.Panddos is described as a Trojan horse that uses the infected computer to launch Denial of Service attacks.
• Cetorp ( 34 Articles )
  Win32 Cetorp is described as a backdoor trojan virus, that can download more harmful files on the computer
• Beastdoor ( 1 Article )
  Backdoor.Beastdoor/ Beasty embeds itself into explorer.exe and iexplore.exe which can run without notice by the user. This trojan behaves as a backdoor which can be configure to disable firewalls and AV applications. Once run, it allows attacker to gain access and control over the infected machine. This trojan is also capable of sending notification to the attacker via email and ICQ.
• Peacomm ( 6 Articles )
  Trojan.Peacomm is a Trojan horse that drops a file to download another program. It is reportedly attached to spammed email. It may also be dropped by W32.Mixor.Q@mm. It may also arrive as an attachment to a spammed email.
• Chekafe ( 3 Articles )
  Trojan Downloader Win32/Chekafe.A is reported to be a trojan that downloads and executes arbitrary files. It also checks if the infected computer is in an Internet Café. It then sends this information along with the system's MAC address, to the attacker.
• Buzus ( 6 Articles )
  Trojan.Buzus opens a backdoor on the infected computer and tries to steal financial data (like credit card numbers, online banking details etc.), passwords from various email and FTP applications.  It also tries to disable security settings of various security programs.
• Usuge ( 9 Articles )
• Virtum ( 4 Articles )
  This category includes writeups of different instances of Trojan Virtum
• PcClient ( 8 Articles )
• Bandook ( 3 Articles )