Attention: We will be transitioning to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access.
500 entries found.
Displaying page 1
of 25.
Worm:Win32/Hary.A!autorun
Worm:Win32/Hary.A!autorun is a component of Worm:Win32/Hary.A, a virus that spreads from removable media to computers, changes Internet Explorer settings, and disables certain system tools. Worm:Win32/Hary.A poses as a Microsoft Word document that when run, displays a Word document containing the text "Harry Potter is dead."
Alert level:
severe
Worm:Win32/Bagle.ZD@mm
Worm:Win32/Bagle.ZD@mm is a mass-mailing e-mail worm that attempts to download and run arbitrary files from remote Web sites. Worm:Win32/Bagle.ZD@mm collects e-mail address from the local drive and also obtains e-mail addresses by checking Web site URLs included in the worm's code. The worm attempts to terminate the Windows Automatic Update service and modifies the System Registry in an attempt to disable booting into Safe Mode.
Alert level:
severe
Worm:Win32/Gaobot.ZR
Worm:Win32/Gaobot.ZR is a network worm that targets certain versions of Microsoft Windows. It spreads by exploiting multiple vulnerabilities that are patched in various Microsoft Security Bulletins. It also spreads to writeable network shares that have weak administrator passwords to retrieve personal and system information. The worm targets certain Web sites for denial of service (DoS) attacks. The worm also has backdoor capabilities, which allow attackers to control a computer through an IRC channel.
Alert level:
severe
Worm:Win32/Slenfbot.AAA
Worm:Win32/Slenfbot.AAA is a worm that can spread via MSN Messenger, and may spread via removable drives. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level:
severe
Worm:Win32/Zotob.Q!CME-637
Worm:Win32/Zotob.Q is a network worm that exploits the Plug-and-Play vulnerability discussed in Microsoft Security Bulletin MS05-039. The worm targets computers running Microsoft Windows 2000 that do not have MS05-039 installed. The worm can also infect computers running other versions of Windows operating systems if it is delivered through e-mail, instant messaging, or some other means.
Alert level:
severe
Worm:Win32/Parite.C
Win32/Parite is a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives.
Alert level:
severe
Worm:Win32/Stration.X
Worm:Win32/Stration.X is a mass-mailing email worm that sends itself to addresses obtained from a wide range of file types found on the infected system. The e-mail message composed by the worm may masquerade as a failure message or as a scanning tool. Worm:Win32/Stration.X also acts as a Trojan downloader, attempting to download a file from a remote website. The downloaded file is typically another variant of the Win32/Stration family.
Alert level:
severe
Worm:Win32/Scrimge.B
Worm:Win32/Scrimge.B is a worm that spreads via MSN Messenger. It also contains backdoor functionality that allows unauthorized access to the affected machine.
Alert level:
severe
Worm:Win32/Brontok.BU@mm
Worm:Win32/Brontok.BU@mm is a mass-mailing e-mail worm that spreads by sending a copy of itself as an e-mail attachment to e-mail addresses that it gathers from files on the infected computer. Worm:Win32/Brontok.BU@mm can also copy itself to USB and pen drives. This worm can disable antivirus and security software, immediately terminate certain applications, and cause Windows to restart immediately when certain applications run. This worm may conduct denial of service (DoS) attacks against certain Web sites.
Alert level:
severe
Worm:Win32/Mytob.W@mm
Worm:Win32/Mytob.W@mm is a worm that spreads via email, via exploit of a Windows vulnerability, and via MSN or Windows messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine.
Alert level:
severe
Worm:Win32/Slenfbot.AD
Worm:Win32/Slenfbot.AD is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level:
severe
Worm:Win32/Slenfbot.AP
Worm:Win32/Slenfbot.AP is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level:
severe
Worm:Win32/Slenfbot.BN
Worm:Win32/Slenfbot.BN is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level:
severe
Worm:Win32/Slenfbot.BU
Worm:Win32/Slenfbot.BU is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level:
severe
Worm:Win32/Slenfbot.BM
Worm:Win32/Slenfbot.BM is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level:
severe
Worm:Win32/Netsky.W.dam
Worm:Win32/Netsky.W.dam is a detection for damaged or corrupted samples of the mass-mailing worm Worm:Win32/Netsky.N@mm.
Alert level:
severe
Worm:Win32/Exvee.A
Worm:Win32/Exvee.A is a worm that spreads via removable drives and file infection. It may also modify web-related files in order to insert a link to a malicious website, and can download and execute arbitrary files, including updates for the worm, and additional malware.
Alert level:
severe
Worm:Win32/VB.FT
Worm:Win32/VB.FT is a worm, written and compiled using Visual Basic 6, that spreads by copying itself to logical and removable drives. This worm maximizes its chance of execution by copying itself using existing folder names; it then hides those folders by changing their attributes.
Alert level:
severe
Worm:Win32/Pushbot
Worm:Win32/Pushbot is detection for a family of malware that spreads via MSN Messenger and AIM when commanded to by a remote attacker. This worm contains backdoor functionality that allows unauthorized access and control of an affected machine.
Alert level:
severe