787 entries found.
Displaying page 23
of 40.
Backdoor:Win32/Gaobot.Y
Updated on Dec 22, 2004
Backdoor:Win32/Gaobot.Y is a backdoor Trojan that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Alert level:
severe
Win32/Bagle.AX@mm
Updated on Feb 23, 2005
Win32/Bagle.AX@mm is a mass-mailing worm that creates and runs the worm Win32/Bagle.AS@mm.
Alert level:
severe
Win32/Bagle.BD@mm
Updated on Feb 23, 2005
Win32/Bagle.BD@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when the user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level:
severe
Worm:Win32/Wukill.F@mm
Updated on Jan 29, 2007
Win32/Wukill.F@mm is a mass-mailing e-mail worm that also spreads via local and mapped drives. The worm modifies the registry to disable viewing of file extensions and paths in Windows Explorer.
Alert level:
severe
Worm:Win32/Funner.A
Updated on Mar 20, 2007
Win32/Funner is an instant messaging worm that spreads through MSN Messenger, MSN Communicator, and QQ. The worm overwrites the HOSTS file to redirect certain outbound Internet traffic from the infected computer to an attacker’s server, which could enable phishing and man-in-the-middle attacks. These attacks may include theft of credentials such as user names, passwords, and credit card data, as well as injection of malicious code into Internet traffic that is bound for the user's computer.
Alert level:
severe
Worm:Win32/Nuwar.IR
Updated on Mar 23, 2007
Worm:Win32/Nuwar.IR registers itself as a Licensed Service Provider (LSP) on the compromised system. The worm receives messages from a remote Web site which it then appends to outgoing Web-based communications. The message includes a link that points to a copy of the worm file. These messages may be appended to outgoing instant messaging chats, Web-based e-mail, as well as blog comments and forum posts.
Alert level:
severe
Worm:Win32/Netsky.D
Updated on Apr 22, 2007
Win32/Netsky.D@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens an e-mail attachment that contains the worm. There may be no readily apparent indications that a computer is infected with this worm.
Alert level:
severe
Worm:Win32/Netsky.P
Updated on Apr 22, 2007
Win32/Netsky.P@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens an e-mail attachment that contains the worm. The worm also exploits a vulnerability that is fixed in Microsoft Security Bulletin MS01-020.
Alert level:
severe
Worm:Win32/Nuwar.JL
Updated on Apr 26, 2007
Worm:Win32/Nuwar.JL is specific detection for password protected RAR archives containing the Win32/Nuwar worm. The RAR archive is included as an attachment to certain variants of Win32/Nuwar composed e-mail. Included in the RAR archive is a password protected copy of the worm and a GIF image file containing the password, which is displayed as inline html in the e-mail message.
For more information on this threat, see the write-up for Worm:Win32/Nuwar.gen.
Alert level:
severe
Worm:Win32/Culler.C
Updated on May 21, 2007
Worm:Win32/Culler.C is an instant messaging worm that spreads by sending links to copies of itself via MSN Messenger. Worm:Win32/Culler.C continually terminates processes related to Task Manager, Registry Editor and System Restore.
Alert level:
severe
TrojanDownloader:MSIL/Truado.C
Updated on May 17, 2013
Windows Defender Antivirus detects and removes this threat.
This trojan downloads and installs other programs without your consent, including other malware.
This threat makes itself look like an Adobe update to trick you into installing it. It is usually download from a malicious website.
This threat makes itself look like an Adobe update to trick you into installing it. It is usually download from a malicious website.
Alert level:
severe
Worm:Win32/Randex.BF
Updated on Jul 12, 2004
Win32/Randex.BF is a network worm that targets computers running certain versions of Microsoft Windows. The worm scans IP addresses randomly to attempt to spread to writeable network shares that have weak passwords. The worm also has backdoor capabilities that allow attackers to control an infected computer through an IRC channel.
Alert level:
severe
Worm:Win32/Randex.FC
Updated on Jul 20, 2004
Win32/Randex.FC is a network worm that targets computers running certain versions of Microsoft Windows. The worm randomly scans IP addresses to spread to writeable network shares that have weak passwords. The worm also has backdoor capabilities that allow attackers to control an infected computer through an IRC channel.
Alert level:
severe
Worm:Win32/Zafi.A@mm
Updated on Sep 14, 2004
Win32/Zafi.A@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself to e-mail addresses it finds on an infected machine. The worm is activated when a user opens an e-mail attachment that contains the worm.
Alert level:
severe
Worm:Win32/Zafi.B@mm
Updated on Sep 15, 2004
Win32/Zafi.B@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself to certain e-mail addresses that it finds on an infected machine. The worm is activated when a user opens the e-mail attachment that contains the worm. The worm also overwrites certain executable files on the infected computer.
Alert level:
severe
Worm:Win32/Spybot.AQ
Updated on Sep 21, 2004
Win32/SpyBot.AQ.worm is a network worm that targets certain versions of Microsoft Windows. The worm can spread to writeable network shares that have weak passwords. It can also spread by exploiting various Windows vulnerabilities. The worm opens a backdoor that allows attackers to control the computer over an IRC channel.
Alert level:
severe
Worm:Win32/Spybot.AI
Updated on Sep 28, 2004
Worm:Win32/Spybot.AI is a network worm that targets certain versions of Microsoft Windows. The worm exploits the Windows LSASS buffer overrun vulnerability, spreading to computers that do not have Microsoft Security Bulletin MS04-011 installed. The worm opens a backdoor that allows attackers to control the infected computer through an IRC channel.
Alert level:
severe
Worm:Win32/Zafi.C@mm
Updated on Oct 27, 2004
Win32/Zafi.C@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself to certain e-mail addresses that it finds on an infected machine. The worm is activated when a user opens the e-mail attachment that contains the worm. The worm overwrites certain executable files on the infected computer.
Alert level:
severe