Top-100 malware-virus threats.
This information is taken from our systems and which one is most searched for.
We hope that you can make good use of the information.
W32.Rontokbro@mm
This malware was reported by:
W32.Rontokbro@mm is a mass-mailing worm that causes system instability.
007Spy
This malware was reported by:
007Spy is a hacking tool. Though these programs are legitimate and useful tools when they are appropriately used, a hacker could take advantage of them in order to carry out malicious actions.007Spy logs the keystrokes typed by the user and the websites
New Malware.j
This malware was reported by:
W32/Rontokbro.gen@MM
This malware was reported by:
W32/Rontokbro.gen is a mass mailing worm which attempts to send a copy of itself to email addresses harvested from the computer.
The characteristics of this worm, with regard to file names, folders created, port numbers used, etc, will
RemAdm-PSKill
This malware was reported by:
Tool-WPAKill
This malware was reported by:
Adware-Malwarewipe
This malware was reported by:
Puper.dll
This malware was reported by:
Joke-Bluescreen.c
This malware was reported by:
W32.Rontokbro.K@mm
This malware was reported by:
W32.Rontokbro.K@mm is a mass-mailing worm that causes system instability. The email arrives with a blank subject line and an attachment of Kangen.exe.
W32.Rontokbro.B@mm
This malware was reported by:
W32.Rontokbro.B@mm is a mass-mailing worm that causes system instability.
W32/Sdbot.worm!ftp
This malware was reported by:
This is a detection for an FTP script which is dropped by a virus.
The machine which identifies the script has been remotely "attacked" by a machine which is infected with one of many variants of W32/SDBot.worm.gen.
These variants of W32/S
W32.Licum
This malware was reported by:
W32.Licum is a file-infecting worm that may spread by exploiting the Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS03-026).
Trojan.Nebuler
This malware was reported by:
Trojan.Nebuler is a Trojan horse that attempts to download and execute files from remote sites. It also sends information about the compromised computer to a remote site.
Trojan.Wimad
This malware was reported by:
Trojan.Wimad is a Trojan that downloads remote files from remote Web sites by exploiting the Digital Rights Management (DRM) technology available in Windows. The Trojan arrives on the compromised computer as a license-protected multimedia file.
JS/Exploit-BO.gen
This malware was reported by:
Trojan.Win32.Zapchast.al
This malware was reported by:
Bloodhound.Morphine
This malware was reported by:
Symantec antivirus products exclusively use the virus name Bloodhound.Morphine when a potentially unknown virus is found using Symantec Bloodhound technology. Bloodhound technology consists of heuristic algorithms used to detect unknown viruses. The actu
Swizzor.gen
This malware was reported by:
W32.Sinnaka.A@mm
This malware was reported by:
W32.Sinnaka.A@mm is a worm that uses its own SMTP engine to send itself as an email attachment.
Adware-Url.gen
This malware was reported by:
Tool-Tpatch
This malware was reported by:
Exploit-IEPageSpoof
This malware was reported by:
Hidrag
This malware was reported by:
Hidrag is a memory resident Win32 virus. It creates a dropper for
itself in Windows directory and sets a startup key for that file
in the Registy. Being active the virus looks for EXE files on all
available drives and infects them.
Trojan.Nebular
This malware was reported by:
Trojan.Nebuler is a Trojan horse that attempts to download and execute files from remote sites. It also sends information about the compromised computer to a remote site.
Trojan.Awax
This malware was reported by:
Trojan.Awax is a Trojan horse that attempts to download and execute files from a remote server. It will also send operating system information to this server and attempt to end security-related processes.
W32/Gael.worm.a
This malware was reported by:
This detection covers a parasitic worm virus that spreads to both host executables as well as over accessible systems on a network. The worm also downloads and executes other files.
When run, the worm infects .EXE files on the local system
Tenga.A
This malware was reported by:
Tenga.A is a virus with worm characteristics that downloads and runs the Trojan detected as Downloader.DNX.Tenga.A shows a very a complex infection routine, which it uses in order to infect all the executable files on the computer, excepting NTOSKRNL.EXE
Rivarts.A
This malware was reported by:
Rivarts.A is a Trojan that logs the keystrokes entered by the user, blocks web addresses and stores the certificates used in the affected computer. Then it connects to several PHP scripts hosted in different websites in order to send the data it has gath
W32.Alcra.F
This malware was reported by:
W32.Alcra.F is a worm that attempts to propagate through various file-share networks accessible with BearShare, LimeWire, Morpheus and
Shareaza applications. It also attempts to disable several programs on the compromised computer and drops a W32.Spybot
Trojan.Anserin
This malware was reported by:
Trojan.Anserin is a Trojan horse program that logs keystrokes and steals information entered into certain banking Web sites.
JS/Wonka
This malware was reported by:
W32/Brontok-L
This malware was reported by:
W32/Brontok-L is an email worm for the Windows platform.
W32/Brontok-L attempts to send itself to email addresses harvested from the computer. The worm will also attempt to modify various Windows Explorer settings.
W32/Generic.worm!p2p
This malware was reported by:
W32/Brontok-J
This malware was reported by:
W32/Brontok-J is an email worm for the Windows platform.
W32/Brontok-J attempts to send itself to email addresses harvested from the computer. It will also attempt to modify various Windows Explorer settings.
W32/Brontok-J will restart the
Exploit-ANIfile
This malware was reported by:
QLowZones-15
This malware was reported by:
W32.Ecup
This malware was reported by:
W32.Ecup is a worm that spreads through file-sharing networks.
Note: Definitions dated prior to May 31, 2006 may detect this threat as W32.Ecup!p2p.
Adware-Look2Me.dldr
This malware was reported by:
Generic PUP.a
This malware was reported by:
W32.HLLP.Sality
This malware was reported by:
W32.HLLP.Sality is a virus with keylogging and back door capabilities. It may infect executable files by prepending its code to host files.
Note: Virus definitions dated prior to January 17, 2006 may detect this threat as Backdoor.Rustok.
WORM_NYXEM.E
This malware was reported by:
Downloader-ZQ
This malware was reported by:
Exploit-WMF
This malware was reported by:
Adware-Cometsys
This malware was reported by:
Adware-Zeno
This malware was reported by:
W32.Alcra.B
This malware was reported by:
W32.Alcra.B is a worm that propagates through file-share networks and attempts to disable several programs on the compromised computer.
W32/Brontok-J
This malware was reported by:
W32/Brontok-J is an email worm for the Windows platform.
W32/Brontok-J attempts to send itself to email addresses harvested from the computer. It will also attempt to modify various Windows Explorer settings.
W32/Brontok-J will restart the
NTRootKit-J
This malware was reported by:
FakeAlert-B
This malware was reported by:
Bloodhound.Exploit.20
This malware was reported by:
Bloodhound.Exploit.20 is a heuristic detection for animated cursor(.ani) files that have been designed to exploit the Microsoft Windows Kernel .ani file Parsing and Denial of Service Vulnerability (BID 12094). The vulnerability is still unpatched by Mi
Trojan.Zlob.D
This malware was reported by:
Trojan.Zlob.D is a Trojan horse that creates an encryption key and can download and execute remote files.
Peep
This malware was reported by:
Bloodhound.Beagle
This malware was reported by:
Bloodhound.Beagle is a heuristic detection that detects variants of the W32.Beagle family of mass-mailing worms.
Puper
This malware was reported by:
W32.Rontokbro.U@mm
This malware was reported by:
W32.Rontokbro.U@mm is a mass-mailing worm that causes system instability on the compromised computer.
Infostealer.Wowcraft.D
This malware was reported by:
Infostealer.Wowcraft.D is a Trojan horse that attempts to steal sensitive information related to online games and send it to a remote attacker.
Trojan.Galapoper.A
This malware was reported by:
Trojan.Galapoper.A is a Trojan horse contacts a remote Web site and downloads other risks onto the compromised computer.
W32.Linkbot.M
This malware was reported by:
W32.Linkbot.M is a worm that exploits the Microsoft Windows LSASS Buffer Overrun Vulnerability (Microsoft Security Bulletin MS04-011) in order to propagate. It also creates a back door on the system accessible through IRC.
Note: Definitions prior to Ma
Trojan.Wayphisher
This malware was reported by:
Trojan.Wayphisher is a Trojan that modifies the hosts file and redirects HTTP access from financial sites to a predetermined Web site chosen by the remote attacker.
Adware-Qoolaid
This malware was reported by:
W32.Netsky.P@mm!enc
This malware was reported by:
Commwarrior.A
This malware was reported by:
Commwarrior is a worm that operates on Symbian Series 60 devices,
the worm is capable of spreading both over Bluetooth and MMS messages.
When Commwarrior infects a phone it will start searching other phones
that in can reach over Bluetooth and send
Trojan.Bomka
This malware was reported by:
Trojan.Bomka is a Trojan horse program that drops several threats on the compromised computer and uses rootkit techniques to hide its files.
Adware-Alexa
This malware was reported by:
W32/Brontok-D
This malware was reported by:
W32/Brontok-D is an email worm that sends itself to the addresses gathered from the infected computer by searching files with the following extensions:
ASP, CFM, CSV, DOC, EML, HTML, PHP, TXT, WAB
W32/Brontok-D may arrive attached with
PWCrack-PWDump
This malware was reported by:
PWS-JA
This malware was reported by:
Adware-MemWatcher
This malware was reported by:
W32/MyWife.d@MM!M24
This malware was reported by:
-- Update Jan 24, 2006 --
CME number assigned ( CME-24
)
This worm is proactively detected by 4642 and higher DATs as W32/Generic.worm!p2p. 4677 and higher DATs will detect this specifically as W32/MyWife.d@MM
This is a mass-mailin
Kangen
This malware was reported by:
W32/Brontok-D
This malware was reported by:
W32/Brontok-D is an email worm that sends itself to the addresses gathered from the infected computer by searching files with the following extensions:
ASP, CFM, CSV, DOC, EML, HTML, PHP, TXT, WAB
W32/Brontok-D may arrive attached with
HackTool
This malware was reported by:
Bloodhound.Exploit.56
This malware was reported by:
Bloodhound.Exploit.56 is a heuristic detection for the Microsoft Windows Graphics Rendering Engine WMF Format Unspecified Code Execution Vulnerability (as described in BID 16074).
W32/Alcan.worm!p2p
This malware was reported by:
Trojan.Popper
This malware was reported by:
Trojan.Popper is a Trojan horse that displays pop up advertisements and may download and install other threats.
ProcKill-BU
This malware was reported by:
TROJ_DLOADER.AJQ
This malware was reported by:
This Trojan arrives on a system as a downloaded file of TROJ_YABE.B. It registers itself as a service with the name AVP UPDATE IONTERFACE A6.
W32/Pate.a.dll
This malware was reported by:
This is an encrypted parasitic file-infecting virus and network aware worm. It appends PE EXE and SCR files in the Windows directory and subdirectories on the local system, as well as on any accessible network share. The virus creates an a
MailSkinner
This malware was reported by:
Bloodhound.Exploit.13
This malware was reported by:
Bloodhound.Exploit.13 is a heuristic detection for malformed JPEG files that are potentially related to the GDI+ integer overflow, described in Microsoft Security Bulletin MS04-028.
The files detected as Bloodhound.Exploit.13 may be malicious, or they m
W32/Bactera.worm!p2p
This malware was reported by:
This is a worm that spreads through eMule peer-to-peer network sharing software. The worm masquerades as a crack tool/key generator. Upon running this program, a fake error message is displayed. The worm runs silently, without showing any
Bloodhound.NsAnti
This malware was reported by:
Symantec antivirus products exclusively use the virus name Bloodhound.NsAnti when a potentially unknown threat is found using Symantec Bloodhound technology. Bloodhound technology consists of heuristic algorithms used to detect unknown threats. A file d
SillyP2P.A
This malware was reported by:
Win32.SillyP2P.A is a worm that spreads via peer-to-peer (P2P) networks targeting the KazaA network.
Adware-Need2Find
This malware was reported by:
Delete these directories
%programfilesdir%\NEED2FIND\BAR\1.BIN
%programfilesdir%\NEED2FIND\BAR
%programfilesdir%\NEED2FIND
Delete these files
%programfilesdir%\NEED2FIND\BAR\1.BIN\N2FFXTBR.JAR
%programfilesdir%\NEED2FIND\BAR\1.BIN\N2NTSTBR.JAR
%programfilesdir%\NEED2FIND\BAR\1.BIN\N2PLUGIN.DLL
%programfilesdir%\NEED2FIND\BAR\1.BIN\ND2FNBAR.DLL
NPND2FN.DLL
%programfilesdir%\NEED2FIND\BAR\1.BIN\PARTNER.DAT
Delete the following keys
NEED2FINDBAR.SETTINGSPLUGIN
NEED2FINDBAR.SETTINGSPLUGIN.1
NEED2FINDBAR.TOOLBARPLUGIN
NEED2FINDBAR.TOOLBARPLUGIN.1
NEED2FINDBAR.SETTINGSPLUGIN
NEED2FINDBAR.SETTINGSPLUGIN.1
NEED2FINDBAR.TOOLBARPLUGIN
NEED2FINDBAR.TOOLBARPLUGIN.1
{4D1C4E89-A32A-416B-BCDB-33B3EF3617D3}
{F78B32D6-D6D8-4137-A18F-91EBE1A4AEDB}
{630D6140-04C5-4DB0-B27A-020D766FF09B}
{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3}
{4D1C4E8B-A32A-416b-BCDB-33B3EF3617D3}
{4D1C4E8A-A32A-416B-BCDB-33B3EF3617D3}
{4D1C4E8C-A32A-416B-BCDB-33B3EF3617D3}
{4D1C4E80-A32A-416B-BCDB-33B3EF3617D3}
{014DA6C9-189F-421A-88CD-07CFE51CFF10}
{4D1C4E89-A32A-416B-BCDB-33B3EF3617D3}
{F78B32D6-D6D8-4137-A18F-91EBE1A4AEDB}
{630D6140-04C5-4DB0-B27A-020D766FF09B}
{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3}
{4D1C4E8B-A32A-416b-BCDB-33B3EF3617D3}
{4D1C4E8A-A32A-416B-BCDB-33B3EF3617D3}
{4D1C4E8C-A32A-416B-BCDB-33B3EF3617D3}
{4D1C4E80-A32A-416B-BCDB-33B3EF3617D3}
BAR
NEED2FIND
NEED2FINDBAR UNINSTALL
{4D1C4E81-A32A-416B-BCDB-33B3EF3617D3}
{4D1C4E89-A32A-416B-BCDB-33B3EF3617D3}
{4D1C4E81-A32A-416B-BCDB-33B3EF3617D3}
Delete the following registry values
{4D1C4E89-A32A-416B-BCDB-33B3EF3617D3}
{4D1C4E89-A32A-416B-BCDB-33B3EF3617D3}
W32/Brontok-E
This malware was reported by:
W32/Brontok-E is a worm that spreads by copying itself to network shares and by emailing itself to addresses harvested from files stored locally.
W32/Brontok-E includes functionality to:
- modify the HOSTS file in an attempt to preven
W32.Chod.D
This malware was reported by:
W32.Chod.D is a worm with back door capabilities that spreads via MSN Messenger. The worm also lowers security settings and blocks access to several Web sites.
Adware-SpySheriff
This malware was reported by:
BackDoor-CMQ
This malware was reported by:
VBS.Gaggle.E@mm
This malware was reported by:
VBS.Gaggle.E is a variant of VBS.Gaggle.D. It is a mass-mailing worm that overwrites several files.
This worm can infect the following file types:
.vbs
.vbe
.js
.jse
.hta
.htm
.html
.php
.shtm
.shtml
.phtm
.phtml
.mht
.mhtml
.plg
.htx
The worm ret
Cookie-2o7
This malware was reported by:
Backdoor.Abebot
This malware was reported by:
Backdoor.Abebot is a Trojan horse that opens a back door and lowers security settings on the compromised computer.
Adware-PestTrap
This malware was reported by:
Generic Downloader.ab
This malware was reported by:
New Malware.n
This malware was reported by:
SillyDl
This malware was reported by:
WORM_RONTOKBRO.B
This malware was reported by:
W32.Alcan.A
This malware was reported by:
W32.Alcra.A is a worm that spreads through file-sharing networks, such as Kazaa, Ares, eMule, Morpheus, Grokster, Bearshare, Limewire eDonkey2000, Gnucleus, Shareaza, and Rapigator. The worm also drops a W32.Spybot.Worm variant into the compromised com
W32/Gael
This malware was reported by:
For details on this threat, see:
http://vil.nai.com/vil/content/v_134857.htm
Top of Page
Higlieder.A
This malware was reported by: