Win32/Sirefef
Microsoft security software detects and removes this threat.
This family of malware uses stealth to hide its presence on your PC. Trojans in this family can do different things, including:
- Downloading and running other files
- Contacting remote hosts
- Disabling security features
Members of the family can also change search results, which can generate money for the hackers who use Sirefef.
Variants of Win32/Sirefef might be installed by other malware, including variants of the Trojan:Win32/Necurs family.
Win32/Dishigy
Win32/Dishigy is a family of trojans that can be instructed to perform denial of service attacks on remote hosts. The trojan attempts to connect to a remote host in order to obtain configuration information, and may be instructed to perform any one of several types of attacks.
Win32/Cleaman
Win32/Cleaman is a family of multi-component, obfuscated trojans that are distributed via drive-by exploit kits. Its main purpose is to redirect Bing, Google, and Yahoo search results to bogus webpages that serve advertisements, adware programs, and malware.
Win32/Moudoor
Windows Defender Antivirus detects and removes this threat.
This family of backdoor trojans can steal your sensitive information by recording which keys you press. They can also give a malicious hacker access and control of your PC, and download other malware.
They can be installed on your PC without your knowledge when you download other software programs.
Win32/Weelsof
Windows Defender detects and removes this threat.
This family of ransomware threats displays a localized webpage that covers your desktop and demands the payment of a fine for the supposed possession of illicit material.
Some variants of Win32/Weelsof can make lasting changes to your PC that make it difficult for you to download, install, run, or update your antivirus software.
Win32/Lefgroo
Win32/Lefgroo is a family of worms that copy themselves to removable and network drives, and display messages.
Win32/Beebone
Windows Defender detects and removes this threat.
The threat is a family of Visual Basic-compiled trojan downloaders that download and run other malware, such as:
Win32/Neurevt
Windows Defender Antivirus detects and removes this threat.
This threat can change some of your PC settings and steal your sensitive information. It can also give a malicious hacker access to your PC.
Win32/FakeDef
Win32/FakeDef is a family of rogues that displays fake warnings of "malicious programs and viruses", and tells you that they need to pay money to register the software to remove these non-existent threats.
FakeDef uses a number of different aliases, depending on what operating system you are using; below is a list of the names we have observed in the wild:
- Vista Defender
- Win Defender
- Win Server Defender
- Win7 Defender
- XP Defender
Win32/Kexqoud
Win32/Kexqoud is a family of trojans that use your computer without your consent to generate a specific digital currency known as Bitcoins.
It makes use of a legitimate program used for mining Bitcoins, using multiple accounts, to generate this currency.
Win32/Vicenor
Win32/Vicenor is a family of trojans that use your computer without your consent to generate a specific digital currency known as Bitcoins.
Win32/Shiotob
Windows Defender detects and removes this threat.
The Win32/Shiotob family of spyware can monitor your PC to steal your system information, user names and passwords.
They can be downloaded from the Internet or installed by other malware. They can also arrive as an attachment to a spam email.
Win32/Rotbrow
Windows Defender detects and removes this threat.
This family of trojans install browser addons that claim to protect you from other addons. These addons can make changes to your home page and also install Win32/Sefnit.
These trojans are commonly installed by Win32/Brantall.
Win32/Napolar
Windows Defender detects and removes this threat.
This malware family can download and run files on your PC and steal online user names and passwords. They can also use your PC as part of a DDoS attack.
These threats are installed on your PC when you click a link in a suspicious Facebook message.
Win32/Jenxcus
Windows Defender detects and removes this threat.
This threat can give a malicious hacker access and control of your PC. It can also collect your personal information and send it to a malicious hacker.
Typically, this threat gets onto your PC from a drive-by download attack. It can also be installed when you visit a compromised webpage or use an infected removable drive.
Win32/Filcout
Windows Defender detects and removes this threat.
This app is used to help you find programs to run unknown files, however it is also known to install variants of the Win32/Sefnit family without your knowledge.
You might download this app yourself, or it might have been installed on your PC by Win32/Rotbrow or Win32/Brantall.
Win32/Crilock
Microsoft security software detects and removes this family of threats.
This ransomware family encrypts your files and shows you a webpage that asks you to pay a fee to unlock them.
They can be installed on your PC by other malware, such as TrojanDownloader:Win32/Upatre and PWS:Win32/Zbot.gen!GO. It can also spread through infected removable drives, such as USB flash drives.
You can read more about this type of threat on our Ransomware page.
Win32/Kasidet
Microsoft security software detects and removes this family of threats.
Threats in this family can steal your sensitive information.
They can be installed on your PC by exploit kits such as JS/Neclu, spam email attachments, or infected removable drives. They can also be downloaded by other malware such as Win32/Gamarue and Win32/Dorkbot.
Win32/Vawtrak
Microsoft security software detects and removes this family of threats.
This malware family can give a malicious hacker access to your PC. They can also steal your personal information, such as your user names and passwords for some banking websites.