Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
787 entries found. Displaying page 18 of 40.
Updated on Oct 12, 2005
TrojanProxy:Win32/Mitglieder.AA is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan injects its code into the Windows Explorer process explorer.exe. The Trojan monitors a randomly chosen TCP port for commands from attackers. Attackers can use the computer as a Web and SMTP proxy. 
Alert level: severe
Updated on Mar 16, 2006
Windows Defender Antivirus detects and removes this threat.
 
This family of mass-mailing worm target certain versions of Microsoft Windows.

The worm sends itself as an attachment to email addresses that it finds in files on the infected computer. The worm is activated when a user opens the attachment.
Alert level: high
Updated on Jul 10, 2007
Worm:Win32/Hary.A Worm:Win32/Hary.A is a worm that poses as a copy of J K Rowling's book "Harry Potter and the Deathly Hallows". The worm spreads between USB drives and personal computers, changing Internet Explorer settings and disabling certain system tools.
Alert level: severe
Updated on Feb 27, 2010
PWS:Win32/Zbot.WO is a password stealing trojan. Win32/Zbot also contains backdoor functionality that allows unauthorized access and control of an affected machine.
Alert level: severe
Updated on Jul 28, 2004
Win32/Randex.Z is a network worm that targets computers running certain versions of Microsoft Windows. The worm attempts to spread by randomly scanning IP addresses for writeable network shares with weak passwords. The worm also has backdoor capabilities that allow attackers to control the infected computer through an IRC channel.
Alert level: severe
Updated on Sep 16, 2004
Win32/Randex.FH.worm is a network worm that targets computers running certain versions of Microsoft Windows. The worm generates and scans IP addresses randomly to attempt to spread to writeable network shares that have weak passwords. After the worm infects a computer, it connects to an IRC server to receive commands from an attacker.
Alert level: severe
Updated on Nov 29, 2004
Win32/HLLW.Nachi.C is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Alert level: severe
Updated on Dec 02, 2004
Win32/HLLW.Nachi.B is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Alert level: severe
Updated on Dec 02, 2004
Win32/HLLW.Nachi.D is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Alert level: severe
Updated on Dec 03, 2004
Win32/HLLW.Nachi.E is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Alert level: severe
Updated on Dec 03, 2004
Win32/HLLW.Nachi.F is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Alert level: severe
Updated on Dec 03, 2004
Win32/HLLW.Nachi.G is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Alert level: severe
Updated on Dec 03, 2004
Win32/HLLW.Nachi.G is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
 
 It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove network worms Win32/Mydoom.A@mm, Win32/Mydoom.B@mm, Win32/HLLW.Doomjuice.A and Win32/HLLW.Doomjuice.B if they are on the infected system.
Alert level: severe
Updated on Dec 04, 2004
Win32/HLLW.Nachi.K is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Alert level: severe
Updated on Dec 04, 2004
Win32/HLLW.Nachi.L is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Alert level: severe
Updated on Dec 04, 2004
Win32/HLLW.Nachi.I is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Alert level: severe
Updated on Dec 04, 2004
Win32/HLLW.Nachi.J is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Alert level: severe
Updated on Dec 30, 2004
Win32/Gaobot.ZN.worm is a backdoor Trojan that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS01-059, MS02-061, MS03-001, MS03-007, MS03-026, or MS03-049. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Alert level: severe
Updated on Jan 24, 2005
Win32/Randex.FD.worm is a network worm that targets computers running certain versions of Microsoft Windows. The worm spreads by randomly scanning IP addresses for writeable network shares with weak passwords. After the worm infects a computer, it connects to an IRC server to receive commands from an attacker. Some variants of Win32/Randex.FD.worm also drop a Trojan proxy.
Alert level: severe
Updated on Aug 17, 2005
Worm:Win32/Zotob.G is a network worm that primarily targets Microsoft Windows 2000 computers by exploiting the Windows Plug-and-Play buffer overflow vulnerability that is fixed with Microsoft Security Bulletin MS05-039. The worm can also infect computers running other Windows operating systems if it is delivered through e-mail, instant messaging, or other routes. The worm has a backdoor component that connects to an IRC server from the infected computer to receive commands from attackers.  
Alert level: severe