500 entries found.
Displaying page 1
of 25.
WinNT/Bagle
WinNT/Bagle is a component of the greater Win32/Bagle multi-component family of malware. WinNT/Bagle provides advanced stealth functionality and anti-removal measures for this family.
Alert level:
high
Win32/Bagle
Win32/Bagle is a family of mass-mailing worms that targets certain versions of Microsoft Windows. The worm spreads primarily through e-mail, though some variants also spread through peer-to-peer networks. The worm acts as a backdoor Trojan, allowing an attacker to access a computer that it has infected. The backdoor can be used to distribute other malicious software. Some variants of Win32/Bagle infect executable files.
Alert level:
high
Worm:Win32/Bagle.BA@mm!CME477
Win32/Bagle.BA@mm!CME-477 is a mass-mailing worm. The worm spreads by sending a copy of itself as an e-mail attachment to e-mail addresses that it finds on the host computer. Win32/Bagle.BA@mm!CME-477 also spreads by copying itself to folders containing the string 'shar' in the folder name.
Alert level:
severe
Worm:Win32/Bagle.AK@mm
Win32/Bagle.AK@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level:
severe
Worm:Win32/Bagle.AL@mm
Win32/Bagle.AL@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level:
severe
Worm:Win32/Bagle.AN@mm
Win32/Bagle.AN@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level:
severe
Worm:Win32/Bagle.AR@mm
Win32/Bagle.AR@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level:
severe
Worm:Win32/Bagle.AW@mm
Win32/Bagle.AW@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers. One variant of Win32/Bagle.AW@mm injects the worm code into all Windows executable files on an infected computer.
Alert level:
severe
Worm:Win32/Bagle.EG@mm
Win32/Bagle.EG@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is sent in a password protected zip file along with the password for the user to unzip the file. The worm monitors a random TCP port for instructions from remote attackers.
Alert level:
severe
Worm:Win32/Bagle.AI
Win32/Bagle.AI is a backdoor Trojan that injects itself into Windows Explorer. This stops the SharedAccess service, terminates processes with certain file names, and downloads and executes instructions from certain URLs.
Alert level:
severe
Worm:Win32/Bagle.L@mm
Win32/Bagle.L@mm is a backdoor Trojan that injects itself in Windows Explorer. The Trojan monitors a random TCP port for instructions from attackers.
Alert level:
severe
Worm:Win32/Bagle.O
Win32/Bagle.O is a backdoor Trojan that injects itself in Windows Explorer. The Trojan monitors a random TCP port for instructions from attackers.
Alert level:
severe
TrojanDownloader:Win32/Bagle.gen!A
TrojanDownloader:Win32/Bagle.gen!A is the generic detection for trojans that download worms from the Win32/Bagle family. They are usually distributed as attachments of spammed e-mail messages. They may also change certain system settings.
Alert level:
severe
Worm:Win32/Bagle.X@mm!CME328
Win32/Bagle.X@mm!CME-328 is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds in certain files on the infected computer. The worm is activated when the e-mail recipient opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
This threat was assigned CME ID 328.
Alert level:
severe
Worm:Win32/Bagle.ZD@mm
Worm:Win32/Bagle.ZD@mm is a mass-mailing e-mail worm that attempts to download and run arbitrary files from remote Web sites. Worm:Win32/Bagle.ZD@mm collects e-mail address from the local drive and also obtains e-mail addresses by checking Web site URLs included in the worm's code. The worm attempts to terminate the Windows Automatic Update service and modifies the System Registry in an attempt to disable booting into Safe Mode.
Alert level:
severe
Worm:Win32/Bagle@mm!zip
Worm:Win32/Bagle@mm!zip is detection for e-mail containing password-protected zip file attachments associated with the Win32/Bagle family. The Win32/Bagle family spreads primarily through e-mail, though some variants also spread through peer-to-peer networks. The worm acts as a backdoor Trojan, allowing an attacker to access a computer that it has infected. The backdoor can be used to distribute other malicious software. Some variants of Win32/Bagle infect executable files.
Alert level:
severe
TrojanDownloader:Win32/Bagle.ACB
TrojanDownloader:Win32/Bagle.ACB is a member of Win32/Bagle - a multicomponent family of worms that may spread via email and peer to peer file sharing networks. Win32/Bagle may also contain backdoor functionality that allows unauthorized access to an affected machine, and may download and execute arbitrary files.
Alert level:
severe
Worm:Win32/Bagle.BD@mm!CME245
Win32/Bagle.BD@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when the user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level:
severe
TrojanDownloader:Win32/Bagle.ABQ
TrojanDownloader:Win32/Bagle.ABQ is a trojan that terminates security applications, installs Trojan:WinNT/Bagle.A and downloads Worm:Win32/Bagle.gen!C.
Alert level:
severe