Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
787 entries found. Displaying page 15 of 40.
Updated on Aug 04, 2005
Win32/Mytob.AO@mm is a mass-mailing and network worm that targets computers running certain versions of Microsoft Windows. The worm can spread through e-mail, MSN Messenger, and Windows Messenger. It can also spread by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. The worm connects to an IRC server to receive commands from attackers.
Alert level: severe
Updated on Aug 04, 2005
Win32/Mytob.DO@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm can spread through e-mail, MSN Messenger, and Windows Messenger. The worm connects to an IRC server to allow attackers to control the infected computer.
Alert level: severe
Updated on Aug 28, 2005
Win32/Gael.A is a parasitic virus that targets certain versions of Microsoft Windows. The virus infects Win32 PE .exe files locally and on writeable network shares. The virus can also download TrojanDownloader:Win32/Gael.A from a Web site and run the file, which in turn downloads Backdoor:Win32/Gael.A from a Web site.
Alert level: severe
Updated on Oct 14, 2005
Win32/Mytob.BM@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm spreads by sending a copy of itself as an attachment to e-mail addresses found on the infected computer. The worm has a backdoor component that allows attackers to control an infected computer through an IRC channel.
Alert level: severe
Updated on Oct 20, 2005
Win32/Mytob.FO@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm spreads by sending a copy of itself as an attachment to e-mail addresses found on the infected computer. The worm has a backdoor component that allows attackers to control an infected computer through an IRC channel.
Alert level: severe
Updated on Oct 31, 2005
Win32/Mytob.CT@mm is a mass-mailing worm that spreads by sending a copy of itself as an e-mail attachment to e-mail addresses that it finds on the infected computer. The worm has a backdoor component that connects to an IRC server from an infected computer to receive commands from attackers.
Alert level: severe
Updated on Nov 10, 2004
Win32/Doomjuice is a family of worms that target machines infected with Win32/Mydoom. Win32/Doomjuice scans for systems listening on the TCP port opened by the backdoor component of Win32/Mydoom. The worms launch a denial of service (DoS) attack against www.microsoft.com.
Alert level: severe
Updated on Nov 11, 2004
Win32/Sasser is a family of network worms that exploit the Local Security Authority Subsystem Service (LSASS) vulnerability fixed in Microsoft Security Update MS04-011. The worm spreads by randomly scanning IP addresses for vulnerable machines and infecting any that are found.
Alert level: severe
Updated on Dec 21, 2004
Backdoor:Win32/Gaobot is family of worms that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After a variant copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Alert level: severe
Updated on Dec 21, 2004
The Win32/Gaobot.gen worm family spreads using different methods, depending on the variant. Some variants spread to computers with weak passwords. Others exploit vulnerabilities to infect computers. Once a computer is infected, the worm connects to an IRC server to receive commands.
Alert level: severe
Updated on Jan 29, 2007
Backdoor:Win32/Rbot is a family of backdoor Trojans that allows attackers to control infected computers. After a computer is infected, the Trojan connects to a specific IRC server and joins a specific channel to receive commands from attackers. Commands can instruct the Trojan to spread to other computers by scanning for network shares with weak passwords, exploiting Windows vulnerabilities, and spreading through backdoor ports opened by other families of malicious software. The Trojan can also allow attackers to perform other backdoor functions, such as launching denial of service (DoS) attacks and retrieving system information from infected computers.
Alert level: severe
Updated on Apr 09, 2007
Worm:Win32/Sober.AH@mm is a mass-mailing e-mail worm that sends itself in either English or German language e-mail, depending on the domain suffix of the infected user. Typically, the Win32/Sober worm family downloads additional malicious files at pre-determined times and locations. These files are commonly proxies that are used to relay spam from infected systems.
Alert level: severe
Updated on Apr 10, 2007
Worm:Win32/Nuwar.JK is a mass-mailing email worm that sends a Trojan dropper via email. When the Trojan attachment is opened, it installs a distributed peer-to-peer (P2P) downloader Trojan which typically downloads a copy of the Win32/Nuwar worm component.
Alert level: high
Updated on Aug 28, 2007
Backdoor:Win32/Sdbot.ZC is a backdoor Trojan that allows an attacker to take control of an infected computer. When a computer is infected, the Trojan connects to an Internet Relay Chat (IRC) server and joins a channel in order to receive commands from the controlling attacker. These commands can instruct the Trojan to perform a number of different actions, including downloading and installing additional components and spreading to other computers via MSN Messenger.
Alert level: severe
Updated on Jul 26, 2004
Win32/Randex.AG is a network worm that targets computers running certain versions of Microsoft Windows. The worm randomly generates and scans IP addresses to spread to writeable network shares that have weak passwords. The worm also has backdoor capabilities that allow attackers to control an infected computer through an IRC channel.
Alert level: severe
Updated on Dec 19, 2004
Win32/Mydoom.AA@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor.
Alert level: severe
Updated on Dec 20, 2004
Win32/Mydoom.AB@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer.
Alert level: severe
Updated on Jan 25, 2005
Win32/Mydoom.AC@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. 
Alert level: severe
Updated on Jan 27, 2005
Win32/Mydoom.AD@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. 
Alert level: severe
Updated on Feb 09, 2005
Win32/Mydoom.AN@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm spreads by e-mailing itself to computers and through the ICQ Instant Messenger program. It also disables certain security-related software such as the Windows Firewall and certain antivirus programs.
Alert level: severe