500 entries found.
Displaying page 1
of 25.
Worm:Win32/Hary.A!autorun
Worm:Win32/Hary.A!autorun is a component of Worm:Win32/Hary.A, a virus that spreads from removable media to computers, changes Internet Explorer settings, and disables certain system tools. Worm:Win32/Hary.A poses as a Microsoft Word document that when run, displays a Word document containing the text "Harry Potter is dead."
Alert level:
severe
Worm:Win32/Bagle.ZD@mm
Worm:Win32/Bagle.ZD@mm is a mass-mailing e-mail worm that attempts to download and run arbitrary files from remote Web sites. Worm:Win32/Bagle.ZD@mm collects e-mail address from the local drive and also obtains e-mail addresses by checking Web site URLs included in the worm's code. The worm attempts to terminate the Windows Automatic Update service and modifies the System Registry in an attempt to disable booting into Safe Mode.
Alert level:
severe
Worm:Win32/Gaobot.ZR
Worm:Win32/Gaobot.ZR is a network worm that targets certain versions of Microsoft Windows. It spreads by exploiting multiple vulnerabilities that are patched in various Microsoft Security Bulletins. It also spreads to writeable network shares that have weak administrator passwords to retrieve personal and system information. The worm targets certain Web sites for denial of service (DoS) attacks. The worm also has backdoor capabilities, which allow attackers to control a computer through an IRC channel.
Alert level:
severe
Worm:Win32/Mytob
Win32/Mytob is a family of mass-mailing worms that targets computers running certain versions of Microsoft Windows. The worm can spread by exploiting Windows vulnerabilities that are fixed by installing Microsoft Security Updates MS03-026 and MS04-011. The worm can also spread by sending a copy of itself through e-mail, MSN Messenger, or Windows Messenger.
Alert level:
severe
Worm:Win32/Jeans.A@m
Win32/Jeans.A@m is an e-mail worm that tries to register itself as a debugger for Task Manager, Registry Editor, and other legitimate system applications.
Alert level:
severe
Worm:Win32/Lovgate.B@mm
Worm:Win32/Lovgate.B@mm is a mass-mailing worm that sends itself as an e-mail attachment to addresses found on the infected computer. To spread via networks and file shares, Worm:Win32/Lovgate.B@mm copies itself to writeable network shares and shares protected by weak user name and password pairs. The worm opens a backdoor on infected systems and may send system passwords and other sensitive information to the worm's author.
Alert level:
severe
Worm:Win32/Gaobot.AZ
Worm:Win32/Gaobot.AZ is a worm that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Alert level:
severe
Worm:Win32/Spybot.BA
Win32/Spybot.BA.worm is a network worm that targets certain versions of Microsoft Windows. When a computer is infected with Win32/Bropia.D.worm, that worm drops Win32/Spybot.BA.worm on the infected computer. Win32/Spybot.BA.worm in turn spreads to other computers that do not have Microsoft Security Bulletin MS04-011 (Windows LSASS buffer overflow vulnerability) installed. Win32/Spybot.BA.worm also has backdoor capabilities, which allow attackers to control an computer through an IRC channel.
Alert level:
severe
Worm:Win32/Spybot.BK
Win32/Spybot.BK.worm is a network worm that targets certain versions of Microsoft Windows. When a computer is infected with Win32/Bropia.O.worm, that worm drops Win32/Spybot.BK.worm on the infected computer. Win32/Spybot.BK.worm in turn spreads to other computers that do not have Microsoft Security Bulletin MS04-011 (Windows LSASS buffer overflow vulnerability) installed. Win32/Spybot.BK.worm also has backdoor capabilities, which allow attackers to control a computer through an IRC channel.
Alert level:
severe
Worm:Win32/Sober.P@mm
Win32/Sober.P@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on an infected computer. The worm runs when a user opens the attachment.
Alert level:
severe
Worm:Win32/Randex.FK
Win32/Randex.FK.worm is a network worm that targets computers running certain versions of Microsoft Windows. It scans randomly generated IP addresses to spread to network shares with weak passwords. After the worm infects a computer, it connects to an IRC server to receive commands from the attacker. If your computer is infected by Win32/Randex.FK worm, you may experience system performance degradation, slower network connectivity, or system crashes.
Alert level:
severe
Worm:Win32/Randex.FD
Win32/Randex.FD.worm is a network worm that targets computers running certain versions of Microsoft Windows. The worm spreads by randomly scanning IP addresses for writeable network shares with weak passwords. After the worm infects a computer, it connects to an IRC server to receive commands from an attacker. Some variants of Win32/Randex.FD.worm also drop a Trojan proxy.
Alert level:
severe
Worm:Win32/Wootbot.BH
Backdoor:Win32/Wootbot.AX is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan connects to an IRC server to receive commands from attackers. For example, an attacker can send a command to distribute the Trojan to other computers by exploiting the Windows LSASS vulnerability described in Microsoft Security Bulletin MS04-011.
Alert level:
severe
Worm:Win32/Sober.Q@mm!CME456
Win32/Sober.Q@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm spreads by sending a copy of itself as an attachment to e-mail addresses found on the infected computer. The e-mail may be in English or German. The worm runs when the user opens the attachment.
Alert level:
severe
Worm:Win32/Netsky.I@mm
Win32/Netsky.I@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens an e-mail attachment that contains the worm. There may be no readily apparent indications that a computer is infected with this worm.
Alert level:
severe
Worm:Win32/Korgo.R
Win32/Korgo.R.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm monitors TCP ports and opens a backdoor to allow unauthorized access to infected computers. A computer infected with this worm may crash and reboot unexpectedly.
Alert level:
severe
Worm:Win32/Netsky.X@mm
Win32/Netsky.X@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment that contains the worm. The worm also contains a backdoor and performs denial of service (DoS) attacks against certain Web sites.
Alert level:
severe
Worm:Win32/Zafi.D@mm
Win32/Zafi.D@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on an infected machine. The worm is activated when a user opens the e-mail attachment that contains the worm. Your computer may be infected with Win32/Zafi.D@mm if you notice e-mails with a certain appearance, certain error messages, or certain file names on the infected computer.
Alert level:
severe
Worm:Win32/Gaobot.ZP
Win32/Gaobot.ZP is a network worm that can spread across network connections by exploiting the vulnerability described in Microsoft Security Bulletin MS03-026. The worm has backdoor capabilities that allow attackers to control the infected computer using IRC channels. The worm also acts as a bot on the IRC network, coordinated through the IRC command, to launch massive distributed denial of service (DDoS) attacks and retrieve personal and system information.
Alert level:
severe