500 entries found.
Displaying page 4
of 25.
Worm:Win32/Mytob.Q@mm
Win32/Mytob.Q@mm is a mass-mailing network worm that targets certain versions of Windows. The worm sends a copy of itself as an attachment to e-mail addresses found on the infected computer. The worm can also spread by exploiting the Windows DCOM RPC vulnerability described in Microsoft Security Bulletin MS03-026. Win32/Mytob.Q@mm has a backdoor component that connects to an IRC server to receive commands from attackers.
Also detected as: Win32/Mytob.AE!Worm(CA),WORM_MYTOB.AC(Trend Micro)
Alert level:
severe
Worm:Win32/Mimail.H@mm
W32.Mimail.H@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses on an infected computer. The worm is activated when the user opens the attachment. The worm also launches denial of service (DoS) attacks against certain Web sites.
Also detected as: Win32/Mimail.F!Worm(CA),WORM_MIMAIL.H(Trend Micro)
Alert level:
severe
Worm:Win32/Antinny.W
Win32/Antinny is a family of worms that targets certain versions of Microsoft Windows. The worm spreads using a Japanese peer-to-peer file-sharing application named Winny. The worm creates a copy of itself with a deceptive file name in the Winny upload folder so that it can be downloaded by other Winny users.
Japanese text description of Win32/Antinny:
http://www.microsoft.com/japan/security/encyclopedia/Antinny.mspx
http://www.microsoft.com/japan/security/encyclopedia/Antinny.mspx
Also detected as: Win32/Antinny.F!Worm(CA),Worm.Win32.Antinny.f(Kaspersky),WORM_Antinny.GEN(Trend Micro)
Alert level:
severe
Worm:Win32/Lovgate.E@mm
Worm:Win32/Lovgate.E@mm is a worm that copies itself to network shares, and sends a copy of itself as a reply to unread messages in the Microsoft Outlook e-mail Inbox. The worm copies shared subfolders, making itself available for download by common peer-to-peer file sharing applications. In addition, Worm:Win32/Lovgate.E@mm opens a TCP port, and awaits backdoor connections from an attacker.
Also detected as: Win32/Lovgate.H!Worm(CA),Email-Worm.Win32.LovGate.f(Kaspersky),WORM_LOVGATE.G(Trend Micro)
Alert level:
severe
Worm:Win32/Msblast.G
Win32/Msblast.G is a network worm that can spread to a computer running Microsoft Windows 2000 and Windows XP that does not have Security Update MS03-026 installed. It performs a denial of service (DoS) attack against windowsupdate.com, if the day of the month is greater than 15 or if the month is greater than 8.
Also detected as: W32.Blaster.Worm(Symantec),WORM_MSBLAST.G(Trend Micro),W32/Lovsan.worm.a(McAfee)
Alert level:
severe
Worm:Win32/Emerleox.gen!B
Worm:Win32/Emerleox.gen is a network worm that attempts to copy itself to writable network shares by exploiting weak password/username combinations. When Worm:Win32/Emerleox.gen is run, it attempts to disable certain antivirus and firewall products by disabling registry entries and killing processes associated with those programs.
Also detected as: W32/Fujacks.worm(McAfee)
Alert level:
severe
Worm:Win32/Hooon.B
Worm:Win32/Hooon.B is a worm that spreads via network shares.
Also detected as: W32/Hooon.worm(McAfee),WORM_AGENT.SHO(Trend Micro)
Alert level:
severe
Worm:Win32/VB.CD
Worm:Win32/VB.CD is a worm that spreads to removable drives, modifies system settings and may delete files.
Also detected as: W32/Archiles.worm(McAfee),WORM_VB.DRZ(Trend Micro),Worm/VB.AYU(AVG)
Alert level:
severe
Worm:Win32/Msblast.I
Win32/Msblast.I is a network worm that can spread to a computer running Microsoft Windows 2000 and Windows XP that does not have Security Update MS03-026 or MS03-039 installed. The worm attempts to spread using TCP port 135, UDP port 69, or TCP port 4444. The worm also drops a component that opens a backdoor.
Also detected as: W32.Blaster.T.Worm(Symantec),WORM_MSBLAST.I(Trend Micro),W32/Blaster.worm.k(McAfee)
Alert level:
severe
Worm:Win32/Mydoom.AA@mm
Win32/Mydoom.AA@mm is a mass-mailing worm that sends itself to e-mail addresses it finds on the infected computer. The worm also installs a .dll file that acts as a backdoor.
Also detected as: Win32/Mydoom.AD.Worm(CA),WORM_MYDOOM.AA(Trend Micro)
Alert level:
severe
Worm:Win32/Mimail.V@mm
W32.Mimail.V@mm is a network worm that targets certain versions of Microsoft Windows. The worm spreads through peer-to-peer file-sharing networks, writing itself to file-sharing folders. The worm is activated when the user opens the file that was placed in the file-sharing folder.
Also detected as: Win32/Mimail.Q!Worm(CA),WORM_MIMAIL.V(Trend Micro)
Alert level:
severe
Worm:Win32/Nachi.F
Win32/HLLW.Nachi.F is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Also detected as: W32.Welchia.D.Worm(Symantec),WORM_NACHI.F(Trend Micro)
Alert level:
severe
Worm:Win32/Gaobot.BU
Worm:Win32/Gaobot.BU is a worm that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Also detected as: Win32/Agobot.AZ.Worm(CA),WORM_AGOBOT.AE(Trend Micro),WORM_AGOBOT.BU(Trend Micro)
Alert level:
severe
Worm:Win32/Gaobot.AL
Worm:Win32/Gaobot.AL is a worm that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Also detected as: Win32/Agobot.204800.Worm(CA),WORM_AGOBOT.AL(Trend Micro),W32/Gaobot.worm.gen.e(McAfee)
Alert level:
severe
Worm:Win32/Wootbot
Backdoor:Win32/Wootbot is a backdoor Trojan that targets certain versions of Microsoft Windows. The Trojan connects to a specific IRC server to receive commands from attackers, which can include instructions to spread to other computers in various ways, such as through network shares, SQL servers, and exploitation of certain Windows vulnerabilities.
Also detected as: W32.Spybot.Worm(Symantec),W32/Sdbot.worm(McAfee),WORM_FORBOT(Trend Micro)
Alert level:
severe
Worm:Win32/Nachi.A
Win32/HLLW.Nachi.A is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove the MSBlast worm if it is on the infected system.
Also detected as: W32.Welchia.Worm(Symantec),W32/Nachi.worm(McAfee),WORM_NACHI.A(Trend Micro)
Alert level:
severe
Worm:Win32/Nachi.I
Win32/HLLW.Nachi.I is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Also detected as: W32.Welchia.B.Worm(Symantec),WORM_NACHI.B(Trend Micro)
Alert level:
severe
Worm:Win32/Nachi.J
Win32/HLLW.Nachi.J is a network worm that targets Microsoft Windows 2000 and Windows XP. It propagates by exploiting several known vulnerabilities. It tries to download and apply security updates if it detects the operating system is a certain language version. It also tries to remove certain worms if they are on the infected system.
Also detected as: W32.Welchia.D.Worm(Symantec),WORM_NACHI.J(Trend Micro)
Alert level:
severe
Worm:Win32/Gaobot.FQ
Worm:Win32/Gaobot.FQ is a worm that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Also detected as: Win32/Agobot.FI.Worm(CA),WORM_AGOBOT.FQ(Trend Micro),W32/Gaobot.worm.gen.e(McAfee)
Alert level:
severe
Worm:Win32/Mytob.T@mm
Win32/Mytob.T@mm is a mass-mailing network worm that targets computers running certain versions of Microsoft Windows. The worm can spread through e-mail, network shares, MSN Messenger, and Windows Messenger. It can also spread by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. The worm has a backdoor component that connects to an IRC server to receive commands from attackers.
Also detected as: Win32/Mytob.58653!Worm(CA),WORM_MYTOB.Q(Trend Micro),W32/Mytob.worm!im(McAfee)
Alert level:
severe