Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
855 entries found. Displaying page 17 of 43.
Updated on Jun 23, 2005
VirTool:WinNT/Hackdef.I is a Windows kernel-mode rootkit program that targets computers running certain versions of Microsoft Windows. It can be used to elevate process privileges. This rootkit is often bundled with other malicious software; this may include variants of Win32/Hackdef such as Backdoor:Win32/Hackdef.BB.
Alert level: severe
Updated on Oct 24, 2005
Windows Defender Antivirus detects and removes this threat.
 
Win32/Codbot is a family of network worms that targets computers running certain versions of Microsoft Windows.
 
Some variants of this family spread to network shares with weak administrator passwords. Other Win32/Codbot variants spread by exploiting one or more Windows vulnerabilities. The worm has a backdoor component that connects to an IRC server from an infected computer to receive commands from attackers.
Alert level: severe
Updated on Jul 16, 2006
TrojanDownloader:Win32/Monnet is bundled with third-party software that includes Network Monitor, a tool used to monitor network traffic. Win32/Monnet may contact a remote Web server, register its installation, and then await further commands.
Alert level: severe
Updated on Dec 08, 2006

Tool:Win32/Lambot is a detection for a tool that is used to gather information about computers. This program was detected by definitions prior to 1.149.657.0 as it violated the guidelines by which Microsoft identified unwanted software. Based on analysis using current guidelines, the program does not have unwanted behaviors. Microsoft has released definition 1.149.657.0 which no longer detects this program.

Alert level: severe
Updated on Dec 12, 2006
Trojan:Win32/Delf.M!CME-96 is a user-mode rootkit that hides its own presence on the system, as well as hiding the presence of other malicious software to which it may be associated.
Alert level: severe
Updated on Jan 16, 2007
Trojan:Win32/Delf.M is a user-mode rootkit that hides its own presence on the system, as well as hiding the presence of other malicious software to which it may be associated. This trojan will be detected by Microsoft as Trojan:Win32/Delf.M!CME-96.
Alert level: severe
Updated on Mar 23, 2007
Backdoor:BAT/Zapchast.H opens a backdoor on compromised system, installs the mirc chat client, and uses that client to connect to an IRC server which allows attackers to remotely administer the Trojan.
Alert level: severe
Updated on Mar 25, 2007
Backdoor:IRC/Zapchast.H opens a backdoor on compromised system, installs the mirc chat client, and uses that client to connect to an IRC server which allows attackers to remotely administer the Trojan.
Alert level: severe
Updated on Mar 25, 2007
Trojan:BAT/Zapchast.H opens a backdoor on compromised system, installs the mirc chat client, and uses that client to connect to an IRC server which allows attackers to remotely administer the Trojan.
Alert level: severe
Updated on Aug 22, 2007
Backdoor:Win32/IRCbot is a Trojan that connects to an Internet Relay Chat (IRC) server and provides attackers with remote access to the infected system. Commands that can be remotely executed include downloading and executing files. Backdoor:Win32/IRCbot also includes the ability to send itself to MSN Messenger contacts.
Alert level: severe
Updated on Sep 25, 2007
Worm:Win32/Moriogu.A is a worm that spreads via network drives. It also modifies various system settings, including the system boot menu.
Alert level: severe
Updated on Oct 17, 2007
Backdoor:Win32/VB.CCB is a worm that spreads via network drives. It also modifies various system settings, including the system boot menu.
Alert level: severe
Updated on Apr 30, 2008
Backdoor:Win32/Hackdef.AD is a backdoor trojan with rootkit functionality. This trojan may hide services, processes and ports and masquerade as a service named "Windows AutoUpdates".
Alert level: severe
Updated on Sep 02, 2004
Backdoor:Win32/Rbot.DH is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Alert level: severe
Updated on Sep 14, 2004
Backdoor:Win32/Rbot.DF is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Alert level: severe
Updated on Sep 14, 2004
Backdoor:Win32/Rbot.DG is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
Alert level: severe
Updated on Sep 19, 2004
Backdoor:Win32/Rbot.AF connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
 
Backdoor:Win32/Rbot.AF may be detected as Backdoor:Win32/Rbot!8A89. 
Alert level: severe
Updated on Sep 28, 2004
Backdoor:Win32/Rbot.AH is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
 
Backdoor:Win32/Rbot.AH may be detected as Backdoor:Win32/Rbot!2EAA.
Alert level: severe
Updated on Sep 29, 2004
Backdoor:Win32/Rbot.AG is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
 
Backdoor:Win32/Rbot.AG may be detected as Backdoor:Win32/Rbot.gen!A.
Alert level: severe
Updated on Oct 12, 2004
Backdoor:Win32/Rbot.AJ is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.
 
Backdoor:Win32/Rbot.AJ may be detected as Backdoor:Win32/Rbot.gen!A.
Alert level: severe