Windows Defender Antivirus detects and removes this threat.

 

Win32/Zotob is a network worm that primarily targets Microsoft Windows 2000 computers that do not have Microsoft Security Bulletin MS05-039 installed. MS05-039 patches the Windows Plug-and-Play buffer overflow vulnerability.

 

Win32/Zotob can also infect computers running other Windows operating systems if it is delivered through email, instant messaging, or other routes. The worm has a backdoor component that connects to an IRC server to receive commands from attackers.

 

Win32/Mytob is a family of mass-mailing worms that targets computers running certain versions of Microsoft Windows. The worm can spread by exploiting Windows vulnerabilities that are fixed by installing Microsoft Security Updates MS03-026 and MS04-011. The worm can also spread by sending a copy of itself through e-mail, MSN Messenger, or Windows Messenger. 

Win32/Bropia.A.worm is a worm that targets computers running certain versions of Microsoft Windows. The worm spreads and is activated when a user clicks a file that is sent through MSN Messenger or Windows Messenger. The worm drops Win32/HLLW.Spybot.AI when it runs.

Win32/Sobig.A@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm can also spread to writeable network shares.

Win32/BlackAngel.D is an instant messaging worm that spreads by sending a link to a copy of itself to MSN Messenger contacts. Win32/BlackAngel.D disables certain antivirus, security and utility processes found running on infected systems. To detect and remove this threat, visit either of the following:

The Win32/Msblast family of network worms exploit a Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability on Microsoft Windows 2000 and Windows XP systems. The worm may also attempt denial of service (DoS) attacks on some server sites, or create a backdoor program that allows attackers to access the infected system.

Win32/Zindos is a worm that targets computers running the following Microsoft Windows 9x, Windows ME, Windows NT, Windows 2000, and Windows XP. The worm spreads to computers that are already infected by the mass-mailer worm Win32/Mydoom.O@mm. Win32/Zindos may perform a denial of service (DoS) attack against certain Web sites.

The Win32/Rbot family of backdoor Trojans targets certain versions of Microsoft Windows. After the Trojan infects a computer, it allows attackers to control the computer through an IRC channel. Some commands instruct Win32/Rbot to spread to other computers by scanning for network shares with weak passwords, exploiting various Windows vulnerabilities, or spreading through backdoor ports opened by other families of malicious software. The Trojan also allows attackers to perform other backdoor functions, such as launching denial of service (DoS) attacks against certain Web sites and retrieving system information from infected computers. 

Windows Defender Antivirus detects and removes this threat.

 

Win32/Codbot is a family of network worms that targets computers running certain versions of Microsoft Windows.

 

Some variants of this family spread to network shares with weak administrator passwords. Other Win32/Codbot variants spread by exploiting one or more Windows vulnerabilities. The worm has a backdoor component that connects to an IRC server from an infected computer to receive commands from attackers.

Worm:Win32/Roron.AA@mm is a worm that attempts to send personal information to a remote address. It may spread via e-mail, network shares, or peer-to-peer file sharing.

Win32/Korgo.D.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm also monitors TCP ports and opens a backdoor to allow unauthorized access to infected systems. A computer infected with this worm may crash and reboot unexpectedly.

Win32/Korgo.A.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm also monitors TCP ports and opens a backdoor to allow unauthorized access to infected computers. A computer infected with this worm may crash and reboot unexpectedly.

Win32/Korgo.B.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm also monitors TCP ports and opens a backdoor to allow unauthorized access to infected systems. A computer infected with this worm may crash and reboot unexpectedly.

Win32/Korgo.C.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm monitors TCP ports and opens a backdoor to allow unauthorized access to infected systems. A computer infected with this worm may crash and reboot unexpectedly.

Win32/Korgo.E.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm also monitors TCP ports and opens a backdoor to allow unauthorized access to infected systems. A computer infected with this worm may crash and reboot unexpectedly.

Win32/Korgo.G.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm also monitors TCP ports and opens a backdoor to allow unauthorized access to infected computers. A computer infected with this worm may crash and reboot unexpectedly.

Win32/Korgo.I.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Bulletin MS04-011 installed. The worm monitors TCP ports and opens a backdoor to allow unauthorized access to infected computers. A computer infected with this worm may crash and reboot unexpectedly.