Search Solo Products, Services and others Overview of the Site Design and Build a Career Contact us for customer service and other feedback info SRN Micro Privacy Statement

 

Top Virus Threats

High

W32.Conficker.Worm aka Conficker Worm
[ I-Worm/Kido, WORM_DOWNAD.AD , Worm:Win32/Conficker.gen!A , Net-Worm.Win32.Kido Worm:Win32/Conficker.gen!A, Worm:W32/Downadup ]

Medium

Trojan Dropper.Win32.Flystud.ko aka W32/Autorun.worm.dq
[W32/Nuj.A.gen!Eldorado , W32/Autorun.Worm.Gen, Autorun Worm, W32.SillyFDC, Mal/SillyFDC-A ]

Medium

W32.Rontokbro.Z@mm aka Brontok Worm
[ I-Worm/Brontok.n, WORM_RONTKBR, W32/Rontokbro, Email-Worm.Win32.Brontok.n, W32/Korbo ]

Medium

Trojan.Zlob aka Zlob Trojan Downloader
[ W32/Zlob, Trojan-Downloader.Win32.Zlob, Zlob, Win32.Trojandownloader.Zlob ]

Medium

Worm.Win32.AutoRun aka Autorun Worm
[ WORM_AUTORUN.CZ , W32/Autorun.Worm.Gen, Autorun Worm, W32.SillyFDC, Mal/SillyFDC-A ]

Medium

Worm.Win32.AutoIt aka Trojan.Win32.AutoIt.CI
[ Trojan.Win32.Autoit.ci, W32/Sohana-AZ, W32/YahLover.worm, W32.Imaut, TR/Autoit.CI.14 W32/Autorun-GG, WORM_DELF.FKZ ]

Most Popular Viruses

VIRUS NAME

DETAILS

Backdoor.Bot

Backdoor.Bot is a hacker agent, it allows the computer to be remotely controlled by another user. | More details

W32.Netsky.T@mm

Netsky.T worm arrives as an e-mail attachment. The infected attachment name, message body and subject is randomly chosen by the worm. | More details

W32.Stration@mm

Stration aka Warezov is a mass mailing worm, uses e-mail addresses collected from the infected system to distribute infected messages. Stration worm arrives as an e-mail attachment. It has the ability to download new variants of malware from Internet.| More details

W32.Blackmal.E@mm

W32.Blackmal.E@mm aka VB.BI is a mass mailing worm, uses e-mail addresses collected from the infected system to distribute infected messages. It attempts spread through network shares.| More details

W32.Sober.X@mm

Sober.X is a mass mailing worm uses e-mail addresses collected from the system to distribute infected mails. The worm uses its own SMTP engine to spread. The infected mail will be in English or German.| More details

W32.Beagle.AV@mm

Beagle.AV is a mass mailing worm, uses e-mail addresses collected from the infected system to distribute infected messages. Beagle worm arrives as an e-mail attachment. | More details

W32.Sasser.Worm

Sasser is a network Worm,  exploits a remote code execution vulnerability LSASS to infect target systems. It scans for IP addresses and infects unpatched systems. This worm targets Windows 2000, and Windows XP systems. | More details

W32.Netsky.P@mm

Netsky.P is a modified variant of Netsky.C worm. This mass mailing worm spreads using  e-mail addresses collected from MSG, OFT, SHT, DBX, TBB, ADB, DOC, WAB, ASP, UIN, RTF, VBS, HTML, HTM, PL, PHP, TXT, SHTM, DHTM, CGI and EML files to distribute infected messages. Netsky.P worm arrives as an e-mail attachment. | More details

W32.Netsky.D@mm

Netsky.D is a modified variant of Netsky.C worm. This mass mailing worm spreads using  e-mail addresses collected from MSG, OFT, SHT, DBX, TBB, ADB, DOC, WAB, ASP, UIN, RTF, VBS, HTML, HTM, PL, PHP, TXT, SHTM, DHTM, CGI and EML files to distribute infected messages. Netsky.D worm arrives as an e-mail attachment. The infected attachment name, message body and subject is randomly chosen by the worm. | More details

W32.Mydoom.A@mm

Novarg aka Mydoom is a mass mailing worm, uses  e-mail addresses collected from .wab, .adb, .tbb, .dbx, .asp, .php, .sht, .htm, .txt files to distribute infected messages. Novarg worm arrives as an e-mail attachment. The infected attachment name, subject and message body is randomly chosen by the worm. The worm also spreads using KaZaA P2P network. | More details

W32.Blaster.Worm

Blaster worm exploits a vulnerability DCOM RPC [ Buffer Overrun In RPC Interface ] to infect target systems. The worm randomly scans for IP addresses [ X.X.X.0  Example: 202.124.64.0 ] and infects the vulnerable systems. This worm targets Windows NT, 2000, XP, and Windows Server 2003 systems. | More details

W32.Klez.H@mm

Klez.H is a modified variant of original Klez.E worm and it is rapidly spreading in the wild. I-worm/Klez.H arrives as an e-mail attachment with different names. | More details

W32.Yaha.K@mm

Yaha.K is a mass mailing worm uses e-mail addresses stored in Windows Address book and also collects addresses from .ht* files to distribute infected messages. It also spreads through MSN messenger list, ICQ list and Yahoo pager list. | More details

W32.Bugbear@mm

BugBear is an Internet worm, uses e-mail addresses stored in Windows Address book and network shares. It also collects addresses from .dbx, .mbx, .eml, and .ocs files to distribute infected messages. The worm randomly chooses the message body and subject. | More details

Worm/Opaserv.A

Opaserv is a network worm, spreads using shared network drives.  Opaserv infects only the network shares and it will not spread using e-mail attachments. When executed, it will search for Windows folder in the local system and network and copies to "Scrsvr.exe". | More details

W32.Yaha.E@mm

Yaha.E is a mass mailing worm uses e-mail addresses stored in Windows Address book and also collects addresses from .ht* files to distribute infected messages. It also spreads through MSN messenger list, ICQ list and Yahoo pager list. | More details

W32.Klez.E@mm

Klez.E is modified variant of original Klez worm. Klez.E variant rapidly spreads in the wild. I-worm/Klez.E arrives as an e-mail attachment. The attachments are embedded within the e-mail and it won't visible to the user. | More details

W32.BadTrans.B@mm

W32.BadTrans.B@mm is modified variant of original BadTrans worm. This encrypted worm sends infected mails to e-mail address collected from web pages and Windows address book. It also drops Trojan.PSW.Hooker.b in the victims PC. The virus author can steal username and password details using this password stealer. | More details

W32.SirCam@mm

SirCam is a mass mailing worm uses e-mail addresses stored in Windows Address book and also collects addresses from temporary Internet folder to distribute infected messages. SirCam is also network aware worm. It searches for network shares and infects them too. | More details

HomePage
aka
VBSWG.X

VBS/HomePage aka VBS/VBSWG.X is a encrypted VB script worm uses Microsoft outlook to spread. The email message subject will be " Homepage " and the attachment will be "homepage.HTML.vbs" and the message body will be "Hi!
You've got to see this page! It's really cool ;O)"
. | More details

W32.BadTrans@mm

BadTrans is an encrypted worm spreads via MAPI function of Microsoft Outlook and it also drops Trojan.PSW.Hooker.b in the victims PC. The virus author can steal username and password details using the password stealer. | More details

W32/Magistr

W32/Magistr is a complex polymorphic worm spreads via email and it contains virus components to infect PE files [*.EXE, *.SCR] in Windows environment. It infects local machine and PCs connected to the local network (LAN). It is discovered in March 2001 and frequently reported in the wild. | More details

W95/Hybris

Hybris is a complex deadly worm, it will update the plugins from the virus author's site or through a virus conference news group alt.comp.virus. The worm uses Win95/Babylonia virus technique to download plugins, but it uses strong encryption on plugins using RSA 128 bit keys. The worm patches WSOCK32.DLL to email automatically. | More details

W32.Prolin@mm

Prolin is an Internet worm, uses Microsoft Outlook to email itself.The worm is 36,834 bytes long and written in Visual Basic version 6. It needs "MSVBVM60.dll" to spread otherwise it will show DLL missing error. The e-mail attachment name will be "Creative.exe". | More details

W32/MTX

MTX is a complex encrypted worm spreads via email and carries a virus to infect local machine files. It is discovered one month back and frequently reported in the wild. When executed, the worm patches WSOCK32.DLL to email automatically. The virus component uses EPO ( Entry Point Obscuring ) technology to infect files. | More details

Wscript/KAK Worm

Wscript/Kak is a worm that exploits security vulnerabilities in Microsoft Internet Explorer and Microsoft Outlook in a way similar to Bubbleboy worm. It will ONLY infect PCs running Windows 98 with Internet Explorer 5 and Outlook or Outlook Express. | More details

W97M/Marker family

W97M/Marker (also known as HSFX) is a Word macro virus that collects user information from Word and uses FTP to send it over the internet. The virus is similar to W97M/Caligula. It sends the data over to codebreakers.org. It also has some similarities to W97M/Ethan.| More details

PrettyPark.
worm

Pretty Park is an Internet worm, uses mass mailing and mIRC clients to spread. There are lot of unpacked variants also reported in the wild. | More details

W97M/Ethan family

Ethan is a simple macro virus, consisting of a single macro less than 50 lines long. It infects Word's NORMAL.DOT template and documents by inserting it's code to a module in the document.| More details

Worm.Happy99

The is a Win32-based e-mail and newsgroup worm. It displays fireworks when executed first time as Happy99.exe. When executed first time, it creates SKA.EXE and SKA.DLL in the system directory. Also it modifies WSOCK32.DLL to infect.| More details

X97M/Laroux family

XM/Laroux is the first macro virus for Microsoft Excel for Windows which actually works. The virus intercepts Excel's AutoOpen automacro. When an infected spreadsheet is opened, the virus activates and checks whether the system is already infected. If not , the virus creates an Excel for Windows file named PERSONAL.XLS in the Excel for Windows default startup directory (e.g. C:\MSOFFICE\EXCEL \XLSTART) and copies itself there.| More details

W32/Funlove

This is a Win32 PE file virus infects EXE, SCR, OCX files under Win9x and WinNT 4.0 platforms. The infected files will increase by 4099 bytes. What is notable about this virus is that it uses a new strategy to attack the Windows NT file security system and it runs as a service on Windows NT systems. | More details

WYX Boot

WYX boot uses floppy disks to infect other PCs. If you accidentally switch on the PC with an infected disk it will infect Partition table and Boot sector of Hard disk. It spreads on DOS, Windows 9x and Windows NT environments. Some times it failed to replicate in Windows environment and damages the data.| More details

VBS/LoveLetter

VBS/LoveLetter is a VB Script uses Microsoft outlook and Mirc clients to spread. It is spreading faster than Melissa virus. It causes heavy e-mail traffic and downs many mail servers. There are several variants reported in the wild. The attachments will be LOVE-LETTER-FOR-YOU.TXT.VBS, mothersday.vbs, Urgent_virus_warning.vbs, IMPORTANT.TXT.VBS, Virus-Protection-Informations.vbs, ArabAir.TXT.vbs, BEWERBUNG.TXT.vbs, KillEmAll.TXT.vbs, protect.vbs or Very Funny.vbs . | More details

Win95/CIH virus

A more dangerous and deadly virus called "CIH" has spread rapidly and remains dormant in many computers. This virus will wake up or get activated on 26th of April and it will damage the motherboard and the hard disk. The damage caused could be extreme and expensive. | More details

                     The IT industry is attacked everyday by new viruses emerging from all corners of the Globe. However only few viruses are capable of spreading fast and these viruses are called wide spread viruses.

Virus Information Library

Select the first character of the virus name

| A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z | 0-9 |

Search for