Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
500 entries found. Displaying page 3 of 25.
Updated on Sep 11, 2006
PWS:Win32/Sinowal.K is a data-stealing Trojan. It is dropped by PWS:Win32/Sinowal.E. For more information, see http://www.microsoft.com/security/encyclopedia/details.aspx?Name=PWS:Win32/Sinowal.E
Alert level: severe
Updated on Nov 27, 2006
Win32/Bagle.X@mm!CME-328 is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds in certain files on the infected computer. The worm is activated when the e-mail recipient opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
 
This threat was assigned CME ID 328.
Alert level: severe
Updated on Nov 27, 2006
Worm:Win32/Esbot.A is a network worm that targets computers running Microsoft Windows 2000 that do not have Microsoft Security Bulletin MS05-039 installed. The worm can also infect computers running other Windows operating systems if it is delivered through e-mail, instant messaging, or other routes. The worm has a backdoor component that connects to an IRC server to receive commands from attackers.
Alert level: severe
Updated on Nov 30, 2006
TrojanDropper:Win32/Bagle.BL is a Trojan that targets computers running certain versions of Microsoft Windows. The dropper spreads as an e-mail attachment sent by an attacker. When a user opens the attachment, TrojanDropper:Win32/Bagle.BL installs itself on the computer and drops TrojanDownloader:Win32/Bagle.BK.dll.
Alert level: severe
Updated on Jan 28, 2005
Backdoor:Win32/Berbew.AI is a backdoor Trojan that downloads to a computer by another downloader Trojan that is sent in e-mail. Backdoor:Win32/Berbew.AI retrieves locally cached password and sends them to a Web site. The Trojan opens certain ports.
Alert level: severe
Updated on Feb 01, 2005
Win32/Netsky.E@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens an e-mail attachment that contains the worm. There may be no readily apparent indications that a computer is infected with this worm.
Alert level: severe
Updated on Feb 01, 2005
Win32/Korgo.AF.worm is a network worm that targets computers running Microsoft Windows XP or Windows 2000 that do not have Microsoft Security Update MS04-011 installed. The worm also monitors TCP ports and opens a backdoor to allow unauthorized access to infected computers. A computer infected with this worm may crash and reboot unexpectedly.
Alert level: severe
Updated on Feb 03, 2005
Win32/Msblast.B is a network worm that can spread to a computer running Microsoft Windows 2000 and Windows XP that does not have Security Update MS03-026 or MS03-039 installed. The worm performs a denial of service (DoS) attack against windowsupdate.com, if the day of the month is greater than 15 or the month is greater than 8.
Alert level: severe
Updated on Feb 27, 2005
Win32/Bropia.A.worm is a worm that targets computers running certain versions of Microsoft Windows. The worm spreads and is activated when a user clicks a file that is sent through MSN Messenger or Windows Messenger. The worm drops Win32/HLLW.Spybot.AI when it runs.
Alert level: severe
Updated on Mar 07, 2005
Win32/Gaobot.ZT.worm is a network worm that targets certain versions of Microsoft Windows. It spreads by exploiting vulnerabilities that are patched in several Microsoft Security Bulletins. To retrieve personal and system information, it also spreads to writeable network shares that have weak administrator passwords. The worm targets certain Web sites for denial of service (DoS) attacks. The worm also has backdoor capabilities, which allow attackers to control an infected computer through an IRC channel.
Alert level: severe
Updated on Mar 07, 2005
Win32/Sober.D@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment.
Alert level: severe
Updated on Mar 24, 2005
W32.Mimail.P@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses on the infected computer. When the user opens the attachment, it can display a series of dialog boxes that the worm uses to gather and transmit user credit card information.
Alert level: severe
Updated on Apr 11, 2005
W32.Mimail.M@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when the user opens the attachment.
Alert level: severe
Updated on Apr 11, 2005
Win32/Gaobot.ZZ is a network worm that targets certain versions of Microsoft Windows. The worm can spread across network connections by exploiting several Windows vulnerabilities. The worm has a backdoor component that allows attackers to control an infected computer using IRC channels. It also acts as a bot on the IRC network, launching massive distributed denial of service (DDoS) attacks and retrieving personal and system information.
Alert level: severe
Updated on Apr 26, 2005
Trojan:Win32/Goweh.D is a Trojan that alters several settings in Internet Explorer. It changes the home page and redirects search queries and traffic to other Web pages. Win32/Goweh.D is usually installed on a computer by another Trojan dropper or downloader.
Alert level: severe
Updated on Apr 28, 2005
Backdoor:Win32/Hackdef.P is a backdoor Trojan that is distributed in various ways to computers running certain versions of Microsoft Windows. This Trojan is a user-mode rootkit. It creates, alters, and hides Windows system resources and can hide proxy services and backdoor functionality. It can also conceal use of TCP and UDP ports for receiving commands from attackers.
Alert level: severe
Updated on May 06, 2005
This software threat is detected and removed by the Malicious Software Removal Tool. For more information, see the parent variant.
Alert level: severe
Updated on May 06, 2005
This software threat is detected and removed by the Malicious Software Removal Tool. For more information, see the parent variant.
Alert level: severe
Updated on May 06, 2005
This software threat is detected and removed by the Malicious Software Removal Tool. For more information, see the parent variant.
Alert level: severe
Updated on May 09, 2005
This software threat is detected and removed by the Malicious Software Removal Tool. For more information, see the parent variant.
Alert level: severe