Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
500 entries found. Displaying page 1 of 25.
Updated on Oct 07, 2008
Alert level: severe
Updated on May 01, 2007
Win32/Mytob is a family of mass-mailing worms that targets computers running certain versions of Microsoft Windows. The worm can spread by exploiting Windows vulnerabilities that are fixed by installing Microsoft Security Updates MS03-026 and MS04-011. The worm can also spread by sending a copy of itself through e-mail, MSN Messenger, or Windows Messenger. 
Alert level: severe
Updated on May 22, 2007
Win32/Jeans.A@m is an e-mail worm that tries to register itself as a debugger for Task Manager, Registry Editor, and other legitimate system applications.
Alert level: severe
Updated on Jun 21, 2007
Worm:Win32/Lovgate.B@mm is a mass-mailing worm that sends itself as an e-mail attachment to addresses found on the infected computer. To spread via networks and file shares, Worm:Win32/Lovgate.B@mm copies itself to writeable network shares and shares protected by weak user name and password pairs. The worm opens a backdoor on infected systems and may send system passwords and other sensitive information to the worm's author.
Alert level: severe
Updated on Nov 30, 2006
Win32/Sober.Q@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm spreads by sending a copy of itself as an attachment to e-mail addresses found on the infected computer. The e-mail may be in English or German. The worm runs when the user opens the attachment.
Alert level: severe
Updated on Feb 01, 2005
Win32/Netsky.I@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens an e-mail attachment that contains the worm. There may be no readily apparent indications that a computer is infected with this worm.
Alert level: severe
Updated on Feb 03, 2005
Win32/Korgo.R.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm monitors TCP ports and opens a backdoor to allow unauthorized access to infected computers. A computer infected with this worm may crash and reboot unexpectedly.
Alert level: severe
Updated on Feb 07, 2005
Win32/Netsky.X@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment that contains the worm. The worm also contains a backdoor and performs denial of service (DoS) attacks against certain Web sites.
Alert level: severe
Updated on Feb 07, 2005
Win32/Zafi.D@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on an infected machine. The worm is activated when a user opens the e-mail attachment that contains the worm. Your computer may be infected with Win32/Zafi.D@mm if you notice e-mails with a certain appearance, certain error messages, or certain file names on the infected computer.
 
Alert level: severe
Updated on Feb 07, 2005
Win32/Gaobot.ZP is a network worm that can spread across network connections by exploiting the vulnerability described in Microsoft Security Bulletin MS03-026. The worm has backdoor capabilities that allow attackers to control the infected computer using IRC channels. The worm also acts as a bot on the IRC network, coordinated through the IRC command, to launch massive distributed denial of service (DDoS) attacks and retrieve personal and system information.
Alert level: severe
Updated on Feb 27, 2005
Win32/Bropia.G.worm is a worm that targets computers running certain versions of Microsoft Windows. The worm spreads and is activated when a user opens a file that is sent through MSN Messenger or Windows Messenger. The worm drops Trojan:Win32/Pakes.C when it runs.
Alert level: severe
Updated on Mar 03, 2005
Win32/Bagle.AN@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Mar 07, 2005
Win32/Mydoom.AE@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer.
Alert level: severe
Updated on Mar 10, 2005
Win32/Gaobot.ZN.worm is a backdoor Trojan that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS01-059, MS02-061, MS03-001, MS03-007, MS03-026, or MS03-049. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Alert level: severe
Updated on Mar 23, 2005
W32.Mimail.E@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on an infected computer. The worm is activated when the user opens the attachment. The worm also launches denial of service (DoS) attacks against certain Web sites.
Alert level: severe
Updated on May 13, 2005
Win32/HLLW.Doomjuice.B is a worm that targets computers infected with the Mydoom.A or Mydoom.B worms. Doomjuice.B scans for systems listening on TCP port 3127, the backdoor port for Mydoom.A and Mydoom.B. Doomjuice.B launches a denial of service (DoS) attack against www.microsoft.com.
Alert level: severe
Updated on May 13, 2005
Win32/HLLW.Nachi.K is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Alert level: severe
Updated on May 16, 2005
Worm:Win32/Gaobot.CT is a worm that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Slenfbot.AAA is a worm that can spread via MSN Messenger, and may spread via removable drives. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Zotob.Q is a network worm that exploits the Plug-and-Play vulnerability discussed in Microsoft Security Bulletin MS05-039. The worm targets computers running Microsoft Windows 2000 that do not have MS05-039 installed. The worm can also infect computers running other versions of Windows operating systems if it is delivered through e-mail, instant messaging, or some other means.
Alert level: severe