Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
500 entries found. Displaying page 1 of 25.
Updated on Apr 20, 2007
Trojan:HTML/Bankfraud.M is generic detection for email that contains malicious links to known phishing sites. Phishing sites are designed to look like legitimate bank or ecommerce sites. Users who visit these sites and enter their login credentials risk having their credentials exposed to attackers.
Alert level: severe
Updated on Jan 29, 2007
Trojan:Java/Classloader is a malicious Java applet that exploits a vulnerability in certain unpatched versions of Microsoft virtual machine (Microsoft VM). Details on the vulnerability can be found in Microsoft Security Bulletin MS03-011 at http://www.microsoft.com/technet/security/Bulletin/MS03-011.mspx
Alert level: severe
Updated on Mar 07, 2005
Trojan:Win32/StartPage.TC is a browser-modifying Trojan that targets certain versions of Microsoft Windows and Internet Explorer. The Trojan changes the current Internet Explorer settings, specifying a different Web site as the home page or search page.
Alert level: severe
Updated on Apr 26, 2005
Trojan:Win32/Goweh.C is a Trojan that alters several settings in Internet Explorer. It changes the home page and redirects search queries and traffic to other Web pages. Win32/Goweh.C is usually installed on a computer by another Trojan dropper or downloader.
Alert level: severe
Updated on Apr 11, 2011
Trojan:Win32/Delf.M!CME-96 is a user-mode rootkit that hides its own presence on the system, as well as hiding the presence of other malicious software to which it may be associated.
Alert level: severe
Updated on Feb 08, 2007
Trojan:Win32/Stresid downloads files from remote websites, may install as a browser helper object (BHO), and displays pop-up advertising on affected users’ systems. Some variants of Trojan:Win32/Stresid have been bundled with rootkits that hide its presence on the system. Trojan:Win32/Stresid drops a randomly named executable to the temp directory and a randomly named dll to the Windows directory.
Alert level: severe
Updated on Mar 25, 2007
Trojan:IRC/WinBot opens a backdoor on TCP port 113 and UDP port 30167, connects to an IRC channel, and downloads and installs other files. Trojan:IRC/WinBot also includes keylogger capabilities. Some variants of Trojan:IRC/WinBot include the Win32/Parite virus, possibly as a result of cross-infection. Win32/Parite infects portable executable files on local drives and accessible network shares.
Alert level: severe
Updated on Mar 25, 2007
Trojan:BAT/Zapchast.H opens a backdoor on compromised system, installs the mirc chat client, and uses that client to connect to an IRC server which allows attackers to remotely administer the Trojan.
Alert level: severe
Updated on Sep 05, 2007
TrojanDownloader:Win32/Conhook.A attempts to download content from a remote Web site. TrojanDownloader:Win32/Conhook.A injects its code into running processes which could, depending on configuration, allow the Trojan to bypass permission-based firewalls in order to gain Internet access.
Alert level: severe
Updated on Jun 27, 2007
Trojan:Win32/C2Lop.C is a Trojan that adds Web browser bookmarks, downloads files from remote Web sites, and delivers pop-up and contextual advertisements. Trojan:Win32/C2Lop.C is installed by SoftwareBundler:Win32/MessengerPlus.b!installer.
Alert level: severe
Updated on Dec 17, 2007
Trojan:Win32/Advhost.A is an advertising application downloader.
Alert level: severe
Updated on May 17, 2005
Trojan:Win32/Startpage.TE is a destructive Trojan that targets certain versions of Microsoft Windows. The Trojan sets the Internet Explorer default home page to a malicious URL when any user logs on to an infected computer.
Alert level: severe
Updated on Apr 11, 2011
Trojan:Win32/Adialer.OP is a Trojan dialer that connects to remote hosts without user consent. The Trojan consists of an installer, and an installed DLL, identified as Trojan:Win32/Adialer.OP!dll. The Trojan may connect to a remote Web site to download data, and may connect to UDP ports 3010 or 3011.
Alert level: severe
Updated on Jul 03, 2007
Trojan:Win32/Agent!246A is an Internet Explorer Browser Helper Object (BHO) implemented as a DLL plug-in that allows attackers to customize and control Internet Explorer.
Alert level: severe
Updated on Apr 26, 2005
Trojan:Win32/Goweh.A is a Trojan that alters several settings in Internet Explorer, changing the home page and redirecting search queries and traffic to other Web pages. Win32/Goweh.A is usually installed by another Trojan dropper or downloader.
Alert level: severe
Updated on Apr 11, 2011
Win32/Mywife.E@mm is a mass-mailing network worm that targets certain versions of Microsoft Windows. The worm spreads through e-mail attachments and writeable network shares. It is expected to corrupt the content of specific files on the third day of every month.
 
This threat has been assigned CME identifier CME-24. It will be detected as Win32/Mywife.E@mm!CME-24.
Alert level: severe
Updated on Feb 15, 2007
Win32/Vulgar.A is a file infector that may overwrite files on local or mapped drives.
Alert level: severe
Updated on May 14, 2007
Trojan:Win32/Bube.G is a Trojan that lowers security settings stored in the registry, attempts to download programs from a remote Web site and disables features in the Windows Security Center.
Alert level: severe
Updated on Jul 11, 2006
Win32/Nsag.B is a data-stealing Trojan. The Trojan is created when certain code is injected into wininet.dll, which is a Windows system file. When a user tries to send data to a Web site, code in Win32/Nsag.B may cause code in another malicious DLL on the computer to capture the user data and send it to an attacker.
Alert level: severe
Updated on Aug 28, 2006
Win32/Valla.2048 is a virus that appends itself to executable files on an infected computer.
Alert level: severe