Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
787 entries found. Displaying page 14 of 40.
Updated on Jul 20, 2004
Win32/Randex.H is a network worm that targets computers running certain versions of Microsoft Windows. The worm attempts to spread by randomly scanning IP addresses for computers that do not have Microsoft Security Bulletin MS03-026 installed or for writeable network shares with weak passwords. The worm also drops a backdoor proxy Trojan that acts as an HTTP proxy that allows attackers to access the infected computer.
Alert level: severe
Updated on Aug 22, 2004
Win32/Netsky.O@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens an e-mail attachment that contains the worm.
Alert level: severe
Updated on Sep 09, 2004
Win32/Mydoom.T@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor.
Alert level: severe
Updated on Sep 10, 2004
Win32/Mydoom.W@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also downloads and runs an executable that acts as a backdoor. 
Alert level: severe
Updated on Sep 10, 2004
Win32/Mydoom.X@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected machine. The worm also downloads and runs an executable that acts as a backdoor. It is a minor variant of Win32/Mydoom.W@mm
Alert level: severe
Updated on Nov 29, 2004
Win32/Mydoom.G@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor listening on TCP ports 80 and 1080. The worm attempts a denial-of-service (DoS) attack against www.symantec.com.
Alert level: severe
Updated on Dec 02, 2004
Win32/Mydoom.H@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor listening on TCP ports 80 and 1080. The worm attempts a denial-of-service (DoS) attack against www.symantec.com.
Alert level: severe
Updated on Dec 02, 2004
Win32/Mydoom.I@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor.
Alert level: severe
Updated on Dec 14, 2004
Win32/Mydoom.J@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor.
Alert level: severe
Updated on Dec 14, 2004
Win32/Zafi.D@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on an infected machine. The worm is activated when a user opens the e-mail attachment that contains the worm. Your computer may be infected with Win32/Zafi.D@mm if you notice e-mails with a certain appearance, certain error messages, or certain file names on the infected computer.
 
Alert level: severe
Updated on Dec 14, 2004
Win32/Mydoom.K@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor.
Alert level: severe
Updated on Dec 15, 2004
Worm:Win32/Mydoom.L@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also spreads by making copies of itself in folders containing certain strings commonly associated with peer-to-peer file sharing programs. In addition, Worm:Win32/Mydoom.L@mm opens a backdoor on TCP port 1042.
Alert level: severe
Updated on Dec 18, 2004
Win32/Mydoom.V@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer.
Alert level: severe
Updated on Dec 19, 2004
Win32/Mydoom.R@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer.
Alert level: severe
Updated on Dec 19, 2004
Win32/Mydoom.P@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also creates a backdoor Trojan.
Alert level: severe
Updated on Dec 22, 2004
The Win32/Gaobot.worm family of worms spreads using different methods, depending on the variant. Some variants spread to machines with weak passwords. Others exploit vulnerabilities to infect machines. Once a machine is infected, the worm connects to an IRC server to receive commands.
Alert level: severe
Updated on Jan 28, 2005
Win32/Gaobot.ZX.worm is a network worm that can spread across network connections by exploiting the vulnerability described in Microsoft Security Bulletin MS03-026. The worm has backdoor capabilities, which allows attackers to control the infected computer using IRC channels. The worm also acts as a bot on the IRC network, coordinated through the IRC command, to launch massive distributed denial of service (DDoS) attacks and retrieve personal and system information.
Alert level: severe
Updated on Feb 18, 2005
Win32/Bagle.AK@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Jul 20, 2005
Win32/Mytob.CU@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm spreads by sending itself as an e-mail attachment to addresses that on the infected computer. The worm runs when the user opens the attachment. Win32/Mytob.CU@mm opens a backdoor that allows attackers to control the infected computer.
Alert level: severe
Updated on Jul 22, 2005
Win32/Mytob.BP@mm is a mass-mailing worm that spreads by sending itself as an e-mail attachment to e-mail addresses that it finds on an infected computer. The worm has a backdoor component that allows attackers to control an infected computer through an IRC channel.
Alert level: severe