Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
500 entries found. Displaying page 1 of 25.
Updated on Jul 15, 2015
Windows Defender Antivirus detects and removes this threat.
 
Sobig is a family of mass-mailing worms that target PCs running certain versions of Microsoft Windows.
 
The worm sends itself to email addresses that it finds on the infected PC. The worm may also spread to writeable network shares.
Alert level: severe
Updated on May 16, 2005
Win32/Zindos is a worm that targets computers running the following Microsoft Windows 9x, Windows ME, Windows NT, Windows 2000, and Windows XP. The worm spreads to computers that are already infected by the mass-mailer worm Win32/Mydoom.O@mm. Win32/Zindos may perform a denial of service (DoS) attack against certain Web sites.
Alert level: severe
Updated on Apr 11, 2011
Win32/Stration is a family of mass-mailing email worms that send themselves to addresses obtained from a wide range of file types found on the infected system. The e-mail message composed by the worm may masquerade as a failure message or as a scanning tool. Win32/Stration also acts as a Trojan downloader, attempting to download a file from a remote website. The downloaded file may be another variant of the Win32/Stration family.
Alert level: high
Updated on Nov 30, 2006
Win32/Passalert is a family of Trojan downloaders capable of downloading and running malicious software. Win32/Passalert may stop, delete, or circumvent processes or services associated with firewall, antivirus, or other security software, thus potentially lowering the security settings on affected computers.
Alert level: high
Updated on Jul 15, 2015
Windows Defender Antivirus detects and removes this threat.
 
Win32/Opaserv is a family of network worms that targets computers running certain versions of Microsoft Windows.
 
The worm spreads through network shares using weak passwords or by exploiting the Windows vulnerability described in Microsoft Security Bulletin MS00-072. The worm can connect to a specified Web site to update itself. A Trojan dropped by one or more Opaserv variants performs operations that can prevent a computer from restarting.
Alert level: severe
Updated on Sep 16, 2005
Win32/Klez is a family of mass-mailing network worms that targets certain versions of Microsoft Windows. It can spread through mapped drives, network shares, executable files, and e-mail. Some Win32/Klez variants infect executable files. Win32/Klez also drops the Win32/Elkern virus to infect executable files.
Alert level: severe
Updated on Jul 15, 2015
Windows Defender Antivirus detects and removes this threat.
 
Win32/Swen is a family of mass-mailing network worms that targets certain versions of Microsoft Windows. 
 
The worm spreads through email, newsgroups, writeable network shares, Internet relay chat channels, and peer-to-peer file-sharing programs. 
Alert level: severe
Updated on Jul 15, 2015
Windows Defender Antivirus detects and removes this threat.
 
Win32/Wootbot is a family of network worms that target certain versions of Microsoft Windows.
 
The worm spreads to writeable network shares as well as MySQL and Microsoft SQL Server application servers. It also spreads by exploiting various Windows vulnerabilities. The worm has a backdoor component that connects to an IRC server and joins a specific channel to receive commands from attackers.
Alert level: high
Updated on Jul 15, 2015
Windows Defender Antivirus detects and removes this threat.
 
Win32/Optix is a family of highly configurable backdoor trojans that targets several versions of Microsoft Windows. The Trojan opens a backdoor that allows an attacker to control an infected PC remotely. It can also release system information to an attacker and disable security-related and other programs. 
Alert level: severe
Updated on Sep 08, 2005
Win32/Purstiu is a family of Trojan downloaders that targets certain versions of Microsoft Windows. These Trojan downloaders are Internet Explorer browser helper objects (BHOs) that can download and run a file from a Web site.
Alert level: severe
Updated on Jul 15, 2015
Windows Defender Antivirus detects and removes this threat.
 
Win32/Spyboter is a family of backdoor trojans that targets certain versions of Microsoft Windows.
 
The trojan injects code into explorer.exe and allows attackers to control the PC through an IRC channel. 
Alert level: severe
Updated on Apr 11, 2011
Win32/Spybot is a network worm that targets certain versions of Microsoft Windows. The worm can spread through writeable network shares that have weak administrator passwords, or through peer-to-peer, file-sharing programs. It can also spread by exploiting various Windows vulnerabilities. Win32/Spybot also has a backdoor component that allows attackers to control an infected computer.
Alert level: high
Updated on Apr 11, 2011
Win32/Gael is a parasitic virus that targets certain versions of Microsoft Windows. The virus infects Win32 PE .exe files locally and on writeable network shares. The virus can also download TrojanDownloader:Win32/Small from a Web site and run the file.
Alert level: high
Updated on Jul 15, 2015
Windows Defender Antivirus detects and removes this threat.
 
Win32/Plexus is a mass-mailing email worm that targets Microsoft Windows. The worm also spreads through Kazaa peer-to-peer network shares and to computers that have not been patched for the Windows vulnerabilities described in Microsoft Security Bulletins MS03-039 and MS04-011. Win32/Plexus opens a backdoor which allows attackers to run arbitrary code on the infected computer.
Alert level: high
Updated on Apr 11, 2011
Win32/Valla is a virus that appends itself to executable files on an infected computer.
Alert level: high
Updated on Apr 11, 2011
Win32/Sasser is a family of network worms that exploit the Local Security Authority Subsystem Service (LSASS) vulnerability fixed in Microsoft Security Update MS04-011. The worm spreads by randomly scanning IP addresses for vulnerable machines and infecting any that are found.
Alert level: severe
Updated on Aug 18, 2003
Win32/Nachi is a family of network worms that spread across network connections by exploiting one or more vulnerabilities in Microsoft Windows 2000 and Windows XP. These worms can also spread using backdoors opened by other malicious software. The worm tries to download and apply security updates; some variants try to remove other malicious software that may be on the infected computer. Some variants replace Web pages stored on the computer with their own Web page.
Alert level: severe
Updated on Apr 11, 2011
Win32/Tibs is a family of Trojans that may download and run other malicious software or may steal user data and send it to the attacker via HTTP POST or email. The Win32/Tibs family frequently downloads Trojans belonging to the Win32/Harnig and Win32/Passalert families, both of which are families of Trojan downloaders which may in turn download and run other malicious software.
Alert level: high
Updated on Apr 11, 2011
Win32/Harnig is a family of Trojan downloaders capable of downloading and running malicious software. Win32/Harnig may stop, delete, or circumvent processes or services associated with firewall, antivirus, or other security software, thus potentially lowering the security settings on affected computers.
Alert level: high
Updated on Apr 20, 2007
Win32/Parite is a family of polymorphic file infectors that targets computers running Microsoft Windows. The virus infects .exe and .scr executable files on the local file system and on writeable network shares. In turn, the infected executable files perform operations that cause other .exe and .scr files to become infected.
Alert level: high