Welcome to My Virus Collection

Update!!! This is not a publication of my Viruses that I have collected / extracted from infected computers. I will talk about them but will not list them for download.

I'll offer you tips on how to trap, monitor, trace and do your own technical research regarding the function of the viruses.

 As a technician that has been removing viruses since my first IBM engineered virus in the late 80's. Remember, most if not all modern day viruses are man made. Others were actually script mistakes.

If you have a bug that you would like help researching please feel free to send the name of the bug. Please don't seen the bug to me, I have a computer assigned to be infected.

While most people try to keep viruses out of their systems some of us have computers that we use to collect and study viruses theses little bugs.

Welcome to My Virus Collection at Xtreme Computer.

Part of a technician’s job is replicating issues others might be having. This also at times includes viruses of a select class.

WARNING: Any tips or advice on how to collect viruses is for receiving end research only. Do not use your personal or business computer. Your computer will require a full format and install of the operating system after each test.

It's best to just read about the viruses than to actually allow them to access your computer.

Short History: Viruses at one time were Gremlins (like the old movie) that were actually program application or software glitches called Bugs. Back in the days of 1mb memory and 5.25 disk storage drives we used to get from the software manufacturers updates to "Bugs" they had on their software. One bug I remember very well was from software that IBM GE created for Motorola dealers. The Bug when installed wiped out the customer database. The time between the bug and the fix was only a couple of days but hundreds of databases were lost.

The program bug above would have been listed as a virus because it was actually what the programmer put into the code just before you was escorted out of the building for other reason. The bug which would have been a program glitch ended up to be a virus because it was put into play for other reasons. In the above case, deleting the database was its primary goal.

I started collecting viruses when Chernobyl hit the internet. The idea of a programmer creating a virus because the antivirus he was using didn't stop a virus from destroying his University Studies. He promised to repay with a virus they would not be able to stop and he even announced the virus launch date. It hit on the day on the minute. I was working the phones for that virus outbreak.

Then the Nimda worm or admiN worm , Code Red Worm came. (Microsoft Security Bulletin MS00-078 Yes, it has been more than 12 years of reading.) This was a perfect time to setup and study how a virus can self-propagate over the internet just by using a web server exploit. To say the least, thousands of web servers were infected and hundreds of thousands of web pages deleted by bad AntiVirus software.

In the My First Virus section I want to make sure you understand that you will eventually get a virus on your computer. Unless you never get online and never allow software to be installed your computer is going to be at risk one day if not every day.

The links under My Virus Collection offer up some slight insight and at times full details of what a specific virus did and what it might mean to you.

I don't work in the AV industry and most of my research comes from forensics of computers infected time is always an issue so don't expect every virus but you might find a few that my notes help you with.

Use your AV software company as your main resource. I subscribe to AVG and have for years used both free and paid support on my systems. You can always ask Big AL in the forums but read how to post a question before you do. You can also find a few of my posts related to undiscovered and unreported viruses.

Enjoy your stay in the My Virus Collection.

Be sure you have your "Factory Recovery Disks" ready if you follow the practice and examples.

DISCLAIMER: URLs or Web Addresses that lead to the actual virus will be broken in posts. You at your OWN RISK may use them but you will have to make the URL valid. Code in the examples has been altered slightly and I will indicate what I have changed. You at your OWN RISK can reassemble them on your local computer. DO NOT distribute these viruses. Because these viruses are in the wild and I have altered the code this site is safe to surf.

Finally, if I make recommendations it's based on my experience and or my opinion only. When I talk about AV software I'm not making the claim one is better than another. They all have issues and that is mostly due to the fact it is impossible to know every virus in the wild at every minute.


Collect Adware Legit

Thursday Jun 7 2012
How you might have installed Simley Central, MyWebSearch, FunWebProducts and other applications from Mindsparks.com. Then, how to remove all the third party applications that load from another 3rd party server that has nothing to do with MyWebSearch, Smiley Central, MindSparks, FunWebProducts but they all seem related. Seriously bad group when it comes to uninstall features. But reading the policy it is clear no single person or company did anything wrong. So here's how to remove this type of application and prevent others from installing even without AntiVirus applications.

Win32 / Virut

Wednesday May 18 2011
Virus found Win32 / Virut this Virut could lead to your first format and reinstall. For years we were able to remove just about all viruses without having to format and reinstall your operating system. Data encryption viruses were basically the only virus in our list of Reinstall. Now Virut viruses have joined the list.

Malware Redirect Virus

Tuesday May 17 2011
Out of all the types of viruses you can collect the type I like the most is via hacked advertisement servers or from some advertisement agencies that think this is how to promote software. I've read CEO's write press releases about such things after thousands posted issues of software installing via ads that they didn't want. How did that happen? It was all scripted, so who is telling the truth? Let's let the virus tell the story.

Nordbull msa.exe Virus

Wednesday Feb 17 2010
Nordbull msa.exe Virus Find the folder with file msa.exe Delete it Registry Key: HKEY_CURRENT_USER\Software\NordBull

Vundo.JD Virus

Tuesday Jan 12 2010
Redirect Virus Vundo.JD csrss.exe infected When you find a Trojan like the Vundo or any that change your atapi.sys file and csrss.exe files you know a logging program is waiting for you at your keyboard.

IS2010.exe Fake AV

Monday Dec 21 2009
Internet Security 2010 IS2010.exe I'll call this program a virus but the program itself is not a virus as we know viruses. The only way to have the IS2010.exe run is to either Execute it from the banner advertisement or popup that you saw or by not having your scanner setup to monitor

1 | 2




While most people try to keep viruses out of their systems some of us have computers that we use to collect and study viruses with. Welcome to My Virus Collection at Xtreme Computer. Part of a technicians job is replicating issues others might be having. That at times requires infecting a perfectly good running computer.