Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
500 entries found. Displaying page 4 of 25.
Updated on Oct 11, 2005
Win32/Mytob.Q@mm is a mass-mailing network worm that targets certain versions of Windows. The worm sends a copy of itself as an attachment to e-mail addresses found on the infected computer. The worm can also spread by exploiting the Windows DCOM RPC vulnerability described in Microsoft Security Bulletin MS03-026. Win32/Mytob.Q@mm has a backdoor component that connects to an IRC server to receive commands from attackers.
Also detected as: Win32/Mytob.AE!Worm(CA),WORM_MYTOB.AC(Trend Micro)
Alert level: severe
Updated on Apr 06, 2005
W32.Mimail.H@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses on an infected computer. The worm is activated when the user opens the attachment. The worm also launches denial of service (DoS) attacks against certain Web sites.
Also detected as: Win32/Mimail.F!Worm(CA),WORM_MIMAIL.H(Trend Micro)
Alert level: severe
Updated on Apr 11, 2011
Win32/Antinny is a family of worms that targets certain versions of Microsoft Windows. The worm spreads using a Japanese peer-to-peer file-sharing application named Winny. The worm creates a copy of itself with a deceptive file name in the Winny upload folder so that it can be downloaded by other Winny users.
 
Also detected as: Win32/Antinny.F!Worm(CA),Worm.Win32.Antinny.f(Kaspersky),WORM_Antinny.GEN(Trend Micro)
Alert level: severe
Updated on Dec 14, 2007
Worm:Win32/Lovgate.E@mm is a worm that copies itself to network shares, and sends a copy of itself as a reply to unread messages in the Microsoft Outlook e-mail Inbox. The worm copies shared subfolders, making itself available for download by common peer-to-peer file sharing applications. In addition, Worm:Win32/Lovgate.E@mm opens a TCP port, and awaits backdoor connections from an attacker.
Also detected as: Win32/Lovgate.H!Worm(CA),Email-Worm.Win32.LovGate.f(Kaspersky),WORM_LOVGATE.G(Trend Micro)
Alert level: severe
Updated on Jan 08, 2005
Win32/Msblast.G is a network worm that can spread to a computer running Microsoft Windows 2000 and Windows XP that does not have Security Update MS03-026 installed. It performs a denial of service (DoS) attack against windowsupdate.com, if the day of the month is greater than 15 or if the month is greater than 8.
Also detected as: W32.Blaster.Worm(Symantec),WORM_MSBLAST.G(Trend Micro),W32/Lovsan.worm.a(McAfee)
Alert level: severe
Updated on May 26, 2010
Worm:Win32/Emerleox.gen is a network worm that attempts to copy itself to writable network shares by exploiting weak password/username combinations. When Worm:Win32/Emerleox.gen is run, it attempts to disable certain antivirus and firewall products by disabling registry entries and killing processes associated with those programs.
Also detected as: W32/Fujacks.worm(McAfee)
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Hooon.B is a worm that spreads via network shares.
Also detected as: W32/Hooon.worm(McAfee),WORM_AGENT.SHO(Trend Micro)
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/VB.CD is a worm that spreads to removable drives, modifies system settings and may delete files.
Also detected as: W32/Archiles.worm(McAfee),WORM_VB.DRZ(Trend Micro),Worm/VB.AYU(AVG)
Alert level: severe
Updated on Jan 31, 2005
Win32/Msblast.I is a network worm that can spread to a computer running Microsoft Windows 2000 and Windows XP that does not have Security Update MS03-026 or MS03-039 installed. The worm attempts to spread using TCP port 135, UDP port 69, or TCP port 4444. The worm also drops a component that opens a backdoor.
Also detected as: W32.Blaster.T.Worm(Symantec),WORM_MSBLAST.I(Trend Micro),W32/Blaster.worm.k(McAfee)
Alert level: severe
Updated on Feb 07, 2005
Win32/Mydoom.AA@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor.
Also detected as: Win32/Mydoom.AD.Worm(CA),WORM_MYDOOM.AA(Trend Micro)
Alert level: severe
Updated on Apr 11, 2005
W32.Mimail.V@mm is a network worm that targets certain versions of Microsoft Windows. The worm spreads through peer-to-peer file-sharing networks, writing itself to file-sharing folders. The worm is activated when the user opens the file that was placed in the file-sharing folder.
Also detected as: Win32/Mimail.Q!Worm(CA),WORM_MIMAIL.V(Trend Micro)
Alert level: severe
Updated on May 13, 2005
Win32/HLLW.Nachi.F is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Also detected as: W32.Welchia.D.Worm(Symantec),WORM_NACHI.F(Trend Micro)
Alert level: severe
Updated on May 16, 2005
Worm:Win32/Gaobot.BU is a worm that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Also detected as: Win32/Agobot.AZ.Worm(CA),WORM_AGOBOT.AE(Trend Micro),WORM_AGOBOT.BU(Trend Micro)
Alert level: severe
Updated on May 19, 2005
Worm:Win32/Gaobot.AL is a worm that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Also detected as: Win32/Agobot.204800.Worm(CA),WORM_AGOBOT.AL(Trend Micro),W32/Gaobot.worm.gen.e(McAfee)
Alert level: severe
Updated on Oct 07, 2005
Backdoor:Win32/Wootbot is a backdoor Trojan that targets certain versions of Microsoft Windows. The Trojan connects to a specific IRC server to receive commands from attackers, which can include instructions to spread to other computers in various ways, such as through network shares, SQL servers, and exploitation of certain Windows vulnerabilities.
Also detected as: W32.Spybot.Worm(Symantec),W32/Sdbot.worm(McAfee),WORM_FORBOT(Trend Micro)
Alert level: severe
Updated on May 13, 2005
Win32/HLLW.Nachi.A is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove the MSBlast worm if it is on the infected system.
Also detected as: W32.Welchia.Worm(Symantec),W32/Nachi.worm(McAfee),WORM_NACHI.A(Trend Micro)
Alert level: severe
Updated on May 13, 2005
Win32/HLLW.Nachi.I is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Also detected as: W32.Welchia.B.Worm(Symantec),WORM_NACHI.B(Trend Micro)
Alert level: severe
Updated on May 13, 2005
Win32/HLLW.Nachi.J is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Also detected as: W32.Welchia.D.Worm(Symantec),WORM_NACHI.J(Trend Micro)
Alert level: severe
Updated on May 17, 2005
Worm:Win32/Gaobot.FQ is a worm that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Also detected as: Win32/Agobot.FI.Worm(CA),WORM_AGOBOT.FQ(Trend Micro),W32/Gaobot.worm.gen.e(McAfee)
Alert level: severe
Updated on Sep 20, 2005
Win32/Mytob.T@mm is a mass-mailing network worm that targets computers running certain versions of Microsoft Windows. The worm can spread through e-mail, network shares, MSN Messenger, and Windows Messenger. It can also spread by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. The worm has a backdoor component that connects to an IRC server to receive commands from attackers.
Also detected as: Win32/Mytob.58653!Worm(CA),WORM_MYTOB.Q(Trend Micro),W32/Mytob.worm!im(McAfee)
Alert level: severe