Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
500 entries found. Displaying page 3 of 25.
Updated on Mar 03, 2005
Win32/Bagle.AQ@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. It also spreads through file-sharing networks. The worm opens a backdoor on a TCP port that allows use of the infected computer as an HTTP relay.
Also detected as: W32/Bagle.AM.worm(Panda),WORM_BAGLE.AC(Trend Micro)
Alert level: severe
Updated on Mar 03, 2005
Win32/Bagle.AW@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers. One variant of Win32/Bagle.AW@mm injects the worm code into all Windows executable files on an infected computer.
Also detected as: Win32/Bagle.AL!Worm(CA),Win32/Bagle.AS!Worm(CA),WORM_BAGLE.AX(Trend Micro)
Alert level: severe
Updated on Mar 07, 2005
Win32/Mydoom.AN@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm spreads by e-mailing itself to computers and through the ICQ Instant Messenger program. It also disables certain security-related software such as the Windows Firewall and certain antivirus programs.
Also detected as: Win32/Mydoom.AL!Worm(CA)
Alert level: severe
Updated on Apr 07, 2005
W32.Mimail.Q@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses on the infected computer. The worm is activated when the user opens the attachment.
Also detected as: Win32/Mimail.Q!Worm(CA),WORM_MIMAIL.Q(Trend Micro)
Alert level: severe
Updated on Jul 01, 2005
Win32/HLLW.Randex.A is a worm that targets computers running certain versions of Microsoft Windows. The worm generates and scans IP addresses randomly to attempt to spread to writeable network shares that have weak passwords. If your computer is infected by this worm, you may notice crashes or slowdowns during normal operation.
Also detected as: W32/Morph.worm(McAfee),WORM_MORPH.A(Trend Micro)
Alert level: severe
Updated on May 17, 2005
Worm:Win32/Gaobot.ZF is a worm that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Also detected as: Win32/Agobot.AF.Worm(CA),WORM_AGOBOT.ZF(Trend Micro),W32/Gaobot.worm.gen.d(McAfee)
Alert level: severe
Updated on Dec 08, 2006
Win32/Bagle.AX@mm is a mass-mailing worm that creates and runs the worm Win32/Bagle.AS@mm.
Also detected as: Win32.Bagle.AQ!Worm(CA),WORM_BAGLE.AT(Trend Micro)
Alert level: severe
Updated on Dec 04, 2007
Win32/Sasser.C is a network worm that exploits the Local Security Authority Subsystem Service (LSASS) vulnerability fixed in Microsoft Security Update MS04-011. The worm targets Windows 2000 and Windows XP computers that do not have the MS04-011 security update installed. Infected computers attempt to spread the worm to other unprotected computers by randomly scanning IP addresses and infecting vulnerable computers.
Also detected as: W32.Sasser.C.Worm(Symantec),WORM_SASSER.C(Trend Micro),W32/Sasser.worm.c(McAfee)
Alert level: severe
Updated on Oct 21, 2005
Win32/Mytob.DR@mm is a mass-mailing worm that targets computers running certain versions of Windows. The worm spreads by sending a copy of itself as an attachment to e-mail addresses found on the computer.  The worm has a backdoor component that connects to an IRC server from an infected computer to receive commands from attackers.
Also detected as: Win32/Mytob.40448!Worm(CA),W32/Mytob.FD.worm(Panda),Net-Worm.Win32.Mytob.bi(Kaspersky)
Alert level: severe
Updated on Apr 11, 2005
W32.Mimail.S@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when the user opens the attachment. The worm also launches denial of service (DoS) attacks against certain Web sites.
Also detected as: Win32/Mimail.Variant!Worm(CA)
Alert level: severe
Updated on May 13, 2005
Win32/HLLW.Nachi.B is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Also detected as: W32.Welchia.B.Worm(Symantec),WORM_NACHI.B(Trend Micro)
Alert level: severe
Updated on May 16, 2005
Worm:Win32/Gaobot.BR is a worm that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Also detected as: Win32/Agobot.CM.Worm(CA),WORM_AGOBOT.BC(Trend Micro),W32/Gaobot.worm.gen.d(McAfee)
Alert level: severe
Updated on Nov 27, 2006
Worm:Win32/Zotob.A is a network worm that exploits the Plug-and-Play vulnerability fixed in Microsoft Security Bulletin MS05-039. The worm targets computers running Microsoft Windows 2000 that do not have MS05-039 installed. The worm can also infect computers running other versions of Windows operating systems if it is delivered through e-mail, instant messaging, or other routes.
Also detected as: W32/Zotob.worm(McAfee),W32/Bozor.A.worm(Panda),Net-Worm.Win32.Mytob.cd(Kaspersky)
Alert level: severe
Updated on Feb 21, 2005
Win32/Sasser.B is a network worm that exploits the Local Security Authority Subsystem Service (LSASS) vulnerability fixed in Microsoft Security Update MS04-011. The worm targets Windows 2000 and Windows XP computers that do not have the MS04-011 security update installed. Infected computers attempt to spread the worm to other unprotected computers by randomly scanning IP addresses and infecting vulnerable computers.
Also detected as: W32.Sasser.B.Worm(Symantec),WORM_SASSER.B(Trend Micro),W32/Sasser.worm.b(McAfee)
Alert level: severe
Updated on Mar 03, 2005
Win32/Bagle.BE@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when the user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Also detected as: Win32.Bagle.AU!Worm(CA),WORM_BAGLE.AZ(Trend Micro)
Alert level: severe
Updated on Mar 03, 2005
Win32/Bagle.AJ@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Also detected as: Win32.Bagle.AH!Worm(CA),WORM_BAGLE.AJ(Trend Micro)
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/RJump.F is a worm that attempts to spread by copying itself to local, removable and network drives. It also contains functionality that allows an attacker to download and execute arbitrary files, including additional malicious software, on the user’s machine.
Also detected as: W32/DKR.worm(McAfee)
Alert level: severe
Updated on Jan 08, 2005
The Win32/Gaobot.worm family of worms spreads using different methods, depending on the variant. Some variants spread to machines with weak passwords. Others exploit vulnerabilities to infect machines. Once a machine is infected, the worm connects to an IRC server to receive commands.
Also detected as: W32/Gaobot.worm(McAfee),WORM_AGOBOT(Trend Micro)
Alert level: severe
Updated on Mar 03, 2005
Win32/Bagle.AP@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Also detected as: Win32.Bagle.AP!Worm(CA),WORM_BAGLE.AN(Trend Micro)
Alert level: severe
Updated on Oct 11, 2005
Win32/Sober.A@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when the e-mail recipient opens the attachment.
Also detected as: Win32/Sober.A!Worm(CA),WORM_SOBER.A(Trend Micro)
Alert level: severe