787 entries found.
Displaying page 16
of 40.
Worm:Win32/Mydoom.AE@mm
Updated on Feb 18, 2005
Win32/Mydoom.AE@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer.
Alert level:
severe
Worm:Win32/Mydoom.AF@mm
Updated on Feb 18, 2005
Win32/Mydoom.AF@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself to certain e-mail addresses that it finds in certain files on the infected computer.
Alert level:
severe
Worm:Win32/Mydoom.AG@mm
Updated on Feb 18, 2005
Win32/Mydoom.AG@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer.
Alert level:
severe
Worm:Win32/Mydoom.AQ@mm
Updated on Feb 21, 2005
Win32/Mydoom.AQ@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself to e-mail addresses it gathers from Web site queries and the infected computer. The worm also monitors a TCP port for commands from remote attackers.
Alert level:
severe
Worm:Win32/Mydoom.AL@mm
Updated on Feb 22, 2005
Win32/Mydoom.AL@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm spreads by e-mailing itself to computers and also through the ICQ Instant Messenger program. It disables certain security-related software such as the Windows firewall and certain antivirus programs.
Alert level:
severe
Worm:Win32/Mydoom.AT@mm
Updated on Feb 23, 2005
Win32/Mydoom.AT@mm is a mass-mailing worm that targets certain versions of Microsoft Windows.
The worm sends itself to e-mail addresses that it gathers from Web site queries and the infected computer. The worm also monitors a TCP port for commands from remote attackers.
Alert level:
severe
Worm:Win32/Mydoom.AW@mm
Updated on Apr 25, 2005
Win32/Mydoom.AW@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm spreads using peer-to-peer applications and by sending itself as an attachment to e-mail addresses that it finds on the infected computer. It terminates processes related to security software and malicious software and can prevent access to Web sites of some security-related products. It also downloads and executes files from certain Web sites.
Alert level:
severe
Worm:Win32/Mytob.BD@mm
Updated on May 17, 2005
Win32/Mytob.BD@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm spreads by sending itself as an e-mail attachment to addresses that it finds on an infected computer. The worm has a backdoor component that allows attackers to control an infected computer through an IRC channel.
Alert level:
severe
Worm:Win32/Mytob.DV@mm
Updated on Oct 03, 2005
Win32/Mytob.DV@mm is a mass-mailing worm that targets certain versions of Windows. The worm spreads by sending a copy of itself as an attachment to e-mail addresses found on the computer. The worm has a backdoor component that connects to an IRC server to receive commands from attackers.
Alert level:
severe
Worm:MSH/Cibyz.A
Updated on Aug 01, 2006
Worm:MSH/Cibyz.A is a proof-of-concept P2P worm written in Windows PowerShell script. The worm cannot run automatically. A user must purposely engage in several actions in order to deliberately cause the worm to run. The specific steps required to cause Worm:MSH/Cibyz.A to run are outlined here:
http://blogs.msdn.com/powershell/archive/2006/08/03/687838.aspx
http://blogs.msdn.com/powershell/archive/2006/08/03/687838.aspx
When Worm:MSH/Cibyz.A does run, it overwrites files with the following file extensions: .bat, .cmd, .log, .ini, .txt, .js, and .html extensions. Worm:MSH/Cibyz.A changes the original extension to .msh after overwriting the file. Worm:MSH/Cibyz.A also prepends its code to files which have either a .msh or .ps1 file extension. The worm also spreads by copying itself to folders used by the Kazaa file sharing application.
Alert level:
severe
Worm:Win32/Stration.DH@mm!CME416
Updated on Nov 03, 2006
Win32/Stration.DH@mm!CME-416 is a mass-mailing email worm that sends itself to addresses obtained from a wide range of file types found on the infected system. The e-mail message composed by the worm may masquerade as a failure message or as a scanning tool. Win32/Stration.DH@mm!CME-416 also acts as a Trojan downloader, attempting to download a file from a remote website. The downloaded file may be another variant of the Win32/Stration family.
Alert level:
severe
Worm:Win32/Mydoom.AR@mm!CME901
Updated on Nov 30, 2006
Win32/Mydoom.AR@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it gathers from Web site queries and from the infected computer. The worm also monitors a TCP port for commands from remote attackers.
Alert level:
severe
Win32/Opaserv
Updated on May 11, 2005
Windows Defender Antivirus detects and removes this threat.
Win32/Opaserv is a family of network worms that targets computers running certain versions of Microsoft Windows.
The worm spreads through network shares using weak passwords or by exploiting the Windows vulnerability described in Microsoft Security Bulletin MS00-072. The worm can connect to a specified Web site to update itself. A Trojan dropped by one or more Opaserv variants performs operations that can prevent a computer from restarting.
Alert level:
severe
Win32/Antinny
Updated on Sep 30, 2005
Win32/Antinny is a family of worms that targets certain versions of Microsoft Windows. The worm spreads using a Japanese peer-to-peer file-sharing application named Winny. The worm creates a copy of itself with a deceptive file name in the Winny upload folder so that it can be downloaded by other Winny users.
http://www.microsoft.com/japan/security/encyclopedia/Antinny.mspx
Alert level:
high
Win32/Stration.DH@mm
Updated on Nov 06, 2006
Win32/Stration.DH@mm!CME-416 is a mass-mailing email worm that sends itself to addresses obtained from a wide range of file types found on the infected system. The e-mail message composed by the worm may masquerade as a failure message or as a scanning tool. Win32/Stration.DH@mm!CME-416 also acts as a Trojan downloader, attempting to download a file from a remote website. The downloaded file may be another variant of the Win32/Stration family.
Alert level:
high
Worm:VBS/Slows.A
Updated on Apr 21, 2007
Worm:VBS/Slows.A is a worm that copies itself to all logical drives and the Windows folder as ".MS32DLL.dll.vbs". Worm:VBS/Slows.A runs when Windows is started on an infected machine. Worm:VBS/Slows.A also makes certain registry edits to lower security settings on the infected computer.
Alert level:
severe
Worm:Win32/Brontok@mm
Updated on May 08, 2007
Win32/Brontok is a family of mass-mailing e-mail worms. The worm spreads by sending a copy of itself as an e-mail attachment to e-mail addresses that it gathers from files on the infected computer. It can also copy itself to USB and pen drives. Win32/Brontok can disable antivirus and security software, immediately terminate certain applications, and cause Windows to restart immediately when certain applications run. The worm may also conduct denial of service (DoS) attacks against certain Web sites.
Alert level:
severe
Worm:Win32/Pykspa.A
Updated on Sep 11, 2007
Worm:Win32/Pykspa.A is a worm that sends instant-messages on behalf of a user logged into Skype, an Internet chat client application. Messages sent contain a link to a remote Web site hosting a copy of the worm. Worm:Win32/Pykspa.A terminates processes, and redirects Web browser connections for various security-related Web sites to random IP addresses.
Alert level:
severe