Win32/Sasser.C is a network worm that exploits the Local Security Authority Subsystem Service (LSASS) vulnerability fixed in Microsoft Security Update MS04-011. The worm targets Windows 2000 and Windows XP computers that do not have the MS04-011 security update installed. Infected computers attempt to spread the worm to other unprotected computers by randomly scanning IP addresses and infecting vulnerable computers.

Win32/Korgo.O.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm monitors TCP ports and opens a backdoor to allow unauthorized access to infected computers. A computer infected with this worm may crash and reboot unexpectedly.

Win32/Gaobot.ZR.worm is a network worm that targets certain versions of Microsoft Windows. It spreads by exploiting multiple vulnerabilities that are patched in various Microsoft Security Bulletins. It also spreads to writeable network shares that have weak administrator passwords to retrieve personal and system information. The worm targets certain Web sites for denial of service (DoS) attacks. The worm also has backdoor capabilities, which allow attackers to control a computer through an IRC channel.

Win32/Gaobot.ZS.worm is a network worm that targets certain versions of Microsoft Windows. It spreads by exploiting known vulnerabilities that are patched in several Microsoft Security Bulletins. To retrieve personal and system information, it also spreads to writeable network shares that have weak administrator passwords. The worm targets certain Web sites for denial of service (DoS) attacks. The worm also has backdoor capabilities, which allow attackers to control an infected computer through an IRC channel.

Storm Worm, or Win32/Nuwar, refers to a family of Trojan droppers that install a distributed peer-to-peer (P2P) downloader Trojan. This downloader Trojan in turn downloads a copy of the email worm component of Storm Worm.

Win32/Gaobot.ZT.worm is a network worm that targets certain versions of Microsoft Windows. It spreads by exploiting vulnerabilities that are patched in several Microsoft Security Bulletins. To retrieve personal and system information, it also spreads to writeable network shares that have weak administrator passwords. The worm targets certain Web sites for denial of service (DoS) attacks. The worm also has backdoor capabilities, which allow attackers to control an infected computer through an IRC channel.

Worm:Win32/Bagz.D@mm is a worm that sends e-mails to gathered e-mail addresses, with an attached copy of itself. Win32/Bagz may also block access to certain Web sites and delete services.

Worm:Win32/RJump is a worm that attempts to spread by copying itself to newly attached media (such as USB memory devices or network drives). It also contains backdoor functionality that allows an attacker unauthorized access to an affected machine.

Win32/Bagle.BF@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.

Win32/HLLW.Nachi.C is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.