Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
500 entries found. Displaying page 1 of 25.
Updated on Apr 11, 2011
Worm:Win32/Vobfus.A is a worm that installs Worm:Win32/Vobfus.E, changes Windows settings and may download other malware.
Alert level: severe
Updated on Jul 15, 2012

VirTool:INF/Autorun.gen!AE is a generic detection for autorun.inf files that may be used by variants of the Win32/Vobfus family of worms when spreading to local, network or removable drives.

Worms of the Win32/Vobfus family download and run arbitrary files and the downloaded files may include additional malware.

Alert level: severe
Updated on Oct 07, 2008
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Vobfus!dll is a component of Win32/Vobfus, a worm that spreads by copying itself to available network and removable drives. It launches a specific file named "x.exe".
Alert level: severe
Updated on May 14, 2007
Worm:Win32/Buchon.G@mm is a mass-mailing e-mail worm that includes a proxy component that can respond to commands from attackers to download files from remote Web sites.
Alert level: severe
Updated on Apr 11, 2011
Win32/Wukill.F@mm is a mass-mailing e-mail worm that also spreads via local and mapped drives. The worm modifies the registry to disable viewing of file extensions and paths in Windows Explorer.
Alert level: severe
Updated on Apr 11, 2011
Worm:VBS/Slows.A is a worm that copies itself to all logical drives and the Windows folder as ".MS32DLL.dll.vbs". Worm:VBS/Slows.A runs when Windows is started on an infected machine. Worm:VBS/Slows.A also makes certain registry edits to lower security settings on the infected computer.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Slenfbot.AE is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Slenfbot.BT is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Scano.C@mm is worm that spreads via e-mail. The worm sends itself to e-mail addresses that it finds on the infected computer.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Slenfbot.HM is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Brontok.L@mm is detection for a group of variants of the Win32/Brontok worm family.
 
This worm spreads by sending a copy of itself as an e-mail attachment to e-mail addresses that it gathers from files on the infected computer. It can also copy itself to USB and pen drives. Win32/Brontok can disable antivirus and security software, immediately terminate certain applications, and cause Windows to restart immediately when certain applications run. The worm may also conduct denial of service (DoS) attacks against certain Web sites.
Alert level: severe
Updated on Apr 11, 2011
Worm:AutoIt/Utoti.A is a worm that copies itself to fixed and removable drives, terminates processes, deletes files, and alters Windows settings.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Hamweq is a worm that spreads via removable drives, such as USB memory sticks. It contains an IRC-based backdoor, which may be used by a remote attacker to order the affected machine to participate in Distributed Denial of Service attacks, or to download and execute arbitrary files.
Alert level: severe
Updated on Apr 11, 2011
Worm:VBS/Autorun.F!inf is a detection for the INF file used by Worm:VBS/Autorun.F to automatically execute itself when the removable drive in which it is located is accessed.
Alert level: severe
Updated on Nov 30, 2006
Win32/Mydoom.AR@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it gathers from Web site queries and from the infected computer. The worm also monitors a TCP port for commands from remote attackers.
Alert level: severe
Updated on Feb 01, 2005
Win32/Korgo.F.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm also monitors TCP ports and opens a backdoor to allow unauthorized access to infected systems. A computer infected with this worm may crash and reboot unexpectedly.
Alert level: severe
Updated on Feb 01, 2005
Win32/Netsky.G@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens an e-mail attachment that contains the worm. There may be no readily apparent indications that a computer is infected with this worm.
Alert level: severe
Updated on Feb 01, 2005
Win32/Korgo.AD.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm also monitors TCP ports and opens a backdoor to allow unauthorized access to infected computers. A computer infected with this worm may display an LSA crash dialog box and may crash and reboot unexpectedly.
Alert level: severe
Updated on Feb 03, 2005
Win32/Korgo.O.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm monitors TCP ports and opens a backdoor to allow unauthorized access to infected computers. A computer infected with this worm may crash and reboot unexpectedly.
Alert level: severe