Win32/Sober.F@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment.

Win32/Sober.G@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment.

Win32/Sober.J@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on an infected computer. The worm is activated when a user opens the attachment. 

Win32/Jeans.A@m is an e-mail worm that tries to register itself as a debugger for Task Manager, Registry Editor, and other legitimate system applications.

Worm:Win32/Lovgate.E@mm is a worm that copies itself to network shares, and sends a copy of itself as a reply to unread messages in the Microsoft Outlook e-mail Inbox. The worm copies shared subfolders, making itself available for download by common peer-to-peer file sharing applications. In addition, Worm:Win32/Lovgate.E@mm opens a TCP port, and awaits backdoor connections from an attacker.

Win32/Lovgate.V@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm spreads by sending itself as an e-mail attachment and by copying itself to writeable network shares. The worm opens a backdoor that allows attackers to access and control the infected computer.

Worm:Win32/Swen.A@mm is a network and mass-mailing worm that targets certain versions of Microsoft Windows. The worm spreads in several ways and terminates security-related processes running on an infected computer. Win32/Swen masquerades as a patch for Microsoft Internet Explorer, and may pretend to download and install software.

Worm:Win32/Esbot.A is a network worm that targets computers running Microsoft Windows 2000 that do not have Microsoft Security Bulletin MS05-039 installed. The worm can also infect computers running other Windows operating systems if it is delivered through e-mail, instant messaging, or other routes. The worm has a backdoor component that connects to an IRC server to receive commands from attackers.

Worm:Win32/Esbot.C is a network worm that targets Microsoft Windows 2000 computers by exploiting the Windows Plug-and-Play buffer overflow vulnerability that is fixed with Microsoft Security Bulletin MS05-039. The worm can also infect computers running other Windows operating systems if it is delivered through e-mail, instant messaging, or other routes. The worm has a backdoor component that connects to an IRC server to receive commands from attackers.

Worm:Win32/Kelvir.CD is an instant messaging worm that spreads by sending a message to the user's MSN Messenger or Windows Messenger contacts. The message contains a link that points to a copy of the worm.

Worm:Win32/Esbot.A is a network worm that targets computers running Microsoft Windows 2000 that do not have Microsoft Security Bulletin MS05-039 installed. The worm can also infect computers running other Windows operating systems if it is delivered through e-mail, instant messaging, or other routes. The worm has a backdoor component that connects to an IRC server to receive commands from attackers.

Backdoor:Win32/Rbot.CU is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.EZ is a backdoor Trojan that runs in the background, gathers software installation and computer configuration details, and connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.FR is a backdoor Trojan that runs in the background, gathers software installation and computer configuration details, and connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Win32/Lovgate is a family of mass-mailing worms that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm may also spread to writeable network shares. The worm has a backdoor component that allows attackers to remotely access and control the infected computer.

Win32/Mywife is a family of mass-mailing network worms that targets certain versions of Microsoft Windows. The worm spreads through e-mail attachments and writeable network shares.

Win32/Locksky@mm is a family of mass-mailing worms that targets Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds in files on the infected computer. The worm is activated when a user opens the attachment.

Backdoor:Win32/Poebot is a family of backdoor trojans that allow remote attackers to control infected computers. After a computer is infected, the trojan connects to a specific IRC server and joins a specific channel to receive commands from attackers. Commands can instruct the trojan to spread to other computers by scanning for network shares with weak passwords, exploiting unpatched vulnerabilities, and spreading through backdoor ports opened by other families of malicious software. The trojan can also allow attackers to perform other backdoor functions, such as launching denial of service (DoS) attacks and retrieving system information from infected computers. In addition, the trojan may be used to steal CD keys and licensing credentials for various online games.

Worm:Win32/Brontok.S@mm is a mass-mailing email worm that modifies certain computer settings, such as how hidden files are displayed, and disables registry editing.

It spreads by sending a copy of itself, as an email attachment, to contacts stored on your computer. It can also copy itself to USB and removable drives.

The worm is a member of the Worm:Win32/Brontok@mm and Win32/Brontok families.