[Danger] HIGH = 0 MEDIUM = 1 LOW = 2 INFORMATIONAL = 3 [Verdicts] Undefined_H = 0, HIGH Viruses_and_Worms = 1, HIGH Trojan_programs = 2, HIGH Malicious_tools = 3, MEDIUM AdWare = 4, MEDIUM PornWare = 5, MEDIUM RiskWare = 6, LOW Undefined_M = 7, MEDIUM X-Files = 20, INFORMATIONAL SoftWare = 21, INFORMATIONAL UNDETECT = 30 [Behaviour] Trojan-ArcBomb = 100, Trojan_programs Backdoor = 101, Trojan_programs Trojan = 102, Trojan_programs Trojan-Clicker = 104, Trojan_programs Trojan-Downloader = 105, Trojan_programs Trojan-Dropper = 106, Trojan_programs Trojan-Notifier = 108, Trojan_programs Trojan-Proxy = 109, Trojan_programs Trojan-PSW = 110, Trojan_programs Trojan-Spy = 111, Trojan_programs Trojan-DDoS = 113, Trojan_programs Trojan-IM = 114, Trojan_programs Rootkit = 115, Trojan_programs Trojan-SMS = 116, Trojan_programs Trojan-Mailfinder = 312, Trojan_programs Trojan-Ransom = 117, Trojan_programs Trojan-GameThief = 118, Trojan_programs Trojan-Banker = 119, Trojan_programs Trojan-FakeAV = 121, Trojan_programs Packed = 120, Trojan_programs Exploit = 302, Trojan_programs VHO:Trojan = 102, Trojan_programs Email-Worm = 200, Viruses_and_Worms IM-Worm = 201, Viruses_and_Worms IRC-Worm = 202, Viruses_and_Worms Net-Worm = 203, Viruses_and_Worms P2P-Worm = 204, Viruses_and_Worms Worm = 205, Viruses_and_Worms Virus = 206, Viruses_and_Worms VHO:Worm = 205, Viruses_and_Worms EICAR-Test-File = 206, Viruses_and_Worms Constructor = 300, Malicious_tools DoS = 301, Malicious_tools Flooder = 304, Malicious_tools HackTool = 305, Malicious_tools Hoax = 306, Malicious_tools Spoofer = 313, Malicious_tools VirTool = 314, Malicious_tools Email-Flooder = 315, Malicious_tools IM-Flooder = 316, Malicious_tools SMS-Flooder = 317, Malicious_tools VHO:Hoax = 306, Malicious_tools HEUR:Backdoor = 101, Trojan_programs HEUR:Exploit = 302, Trojan_programs HEUR:Packed = 120, Trojan_programs HEUR:Trojan-Clicker = 104, Trojan_programs HEUR:Trojan-Downloader = 105, Trojan_programs HEUR:Trojan-Dropper = 106, Trojan_programs HEUR:Trojan-Notifier = 108, Trojan_programs HEUR:Trojan-Proxy = 109, Trojan_programs HEUR:Trojan-PSW = 110, Trojan_programs HEUR:Trojan-Spy = 111, Trojan_programs HEUR:Trojan-DDoS = 113, Trojan_programs HEUR:Trojan-IM = 114, Trojan_programs HEUR:Trojan-SMS = 116, Trojan_programs HEUR:Trojan-Mailfinder = 312, Trojan_programs HEUR:Trojan-Ransom = 117, Trojan_programs HEUR:Trojan-GameThief = 118, Trojan_programs HEUR:Trojan-Banker = 119, Trojan_programs HEUR:Trojan-FakeAV = 121, Trojan_programs HEUR:Trojan = 102, Trojan_programs HEUR:Virus = 206, Viruses_and_Worms HEUR:Worm = 205, Viruses_and_Worms HEUR:Email-Worm = 200, Viruses_and_Worms HEUR:Hoax = 306, Malicious_tools HEUR:AdWare = 400, AdWare MEM:Backdoor = 101, Trojan_programs MEM:Trojan = 102, Trojan_programs MEM:Trojan-Clicker = 104, Trojan_programs MEM:Trojan-Proxy = 109, Trojan_programs MEM:Trojan-PSW = 110, Trojan_programs MEM:Rootkit = 115, Trojan_programs MEM:KL-TEST-ROOTKIT = 115, Trojan_programs MEM:Virus = 206, Viruses_and_Worms not-a-virus:AdWare = 400, AdWare not-a-virus:Porn-Dialer = 500, PornWare not-a-virus:Porn-Downloader = 501, PornWare not-a-virus:Porn-Tool = 502, PornWare not-a-virus:Client-IRC = 601, RiskWare not-a-virus:Dialer = 602, RiskWare not-a-virus:Downloader = 603, RiskWare not-a-virus:Monitor = 604, RiskWare not-a-virus:PSWTool = 605, RiskWare not-a-virus:RemoteAdmin = 606, RiskWare not-a-virus:Server-FTP = 607, RiskWare not-a-virus:Server-Proxy = 608, RiskWare not-a-virus:Server-Telnet = 609, RiskWare not-a-virus:Server-Web = 610, RiskWare not-a-virus:RiskTool = 611, RiskWare not-a-virus:NetTool = 612, RiskWare not-a-virus:Client-P2P = 613, RiskWare not-a-virus:Client-SMTP = 614, RiskWare not-a-virus:WebToolbar = 615, RiskWare not-a-virus:FraudTool = 616, Undefined_H not-a-virus:Hoax = 306, Malicious_tools not-a-virus:VHO:AdWare = 400, AdWare not-a-virus:VHO:Downloader = 603, RiskWare not-a-virus:VHO:Monitor = 604, RiskWare not-a-virus:VHO:PSWTool = 605, RiskWare not-a-virus:VHO:RemoteAdmin = 606, RiskWare not-a-virus:VHO:RiskTool = 611, RiskWare not-a-virus:VHO:WebToolbar = 615, RiskWare not-a-virus:VHO:FraudTool = 616, Undefined_H not-a-virus:VHO:Hoax = 306, Malicious_tools not-a-virus:HEUR:AdWare = 400, AdWare not-a-virus:HEUR:Porn-Dialer = 500, PornWare not-a-virus:HEUR:Porn-Downloader = 501, PornWare not-a-virus:HEUR:Porn-Tool = 502, PornWare not-a-virus:HEUR:Client-IRC = 601, RiskWare not-a-virus:HEUR:Dialer = 602, RiskWare not-a-virus:HEUR:Downloader = 603, RiskWare not-a-virus:HEUR:Monitor = 604, RiskWare not-a-virus:HEUR:PSWTool = 605, RiskWare not-a-virus:HEUR:RemoteAdmin = 606, RiskWare not-a-virus:HEUR:Server-FTP = 607, RiskWare not-a-virus:HEUR:Server-Proxy = 608, RiskWare not-a-virus:HEUR:Server-Telnet = 609, RiskWare not-a-virus:HEUR:Server-Web = 610, RiskWare not-a-virus:HEUR:RiskTool = 611, RiskWare not-a-virus:HEUR:NetTool = 612, RiskWare not-a-virus:HEUR:Client-P2P = 613, RiskWare not-a-virus:HEUR:Client-SMTP = 614, RiskWare not-a-virus:HEUR:WebToolbar = 615, RiskWare not-a-virus:HEUR:FraudTool = 616, Undefined_H not-a-virus:HEUR:Hoax = 306, Malicious_tools not-a-virus: = 600, Undefined_M DEFAULT = 701, Undefined_H [Categories] not-a-virus:AdWare = 1001 not-a-virus:HEUR:AdWare = 1001 not-a-virus:VHO:AdWare = 1001 not-a-virus:RemoteAdmin = 1002 not-a-virus:HEUR:RemoteAdmin = 1002 not-a-virus:VHO:RemoteAdmin = 1002 not-a-virus:PSWTool = 1003 not-a-virus:HEUR:PSWTool = 1003 not-a-virus:VHO:PSWTool = 1003 not-a-virus:Monitor = 1004 not-a-virus:HEUR:Monitor = 1004 not-a-virus:VHO:Monitor = 1004 ;i386