Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
953 entries found. Displaying page 40 of 48.
Updated on Dec 20, 2004
Worm:Win32/Gaobot.P is a worm that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Alert level: severe
Updated on Dec 22, 2004
Win32/Gaobot.Y is a backdoor Trojan that installs a service.
Alert level: severe
Updated on Dec 22, 2004
Win32/Gaobot.Q is a backdoor Trojan that can spread across network connections by breaking weak passwords or by exploiting vulnerabilities described in Microsoft Security Bulletins MS03-001, MS03-007, or MS03-026. After the Trojan copies and runs itself on a remote computer, it connects to an IRC server to receive commands.
Alert level: severe
Updated on Feb 16, 2005
Win32/Bagle.AI is a backdoor Trojan that injects itself into Windows Explorer. This stops the SharedAccess service, terminates processes with certain file names, and downloads and executes instructions from certain URLs.
Alert level: severe
Updated on Feb 18, 2005
Win32/Bagle.AJ@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Feb 21, 2005
Win32/Bagle.AL@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Feb 21, 2005
Win32/Bagle.AN@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Feb 21, 2005
Win32/Bagle.AP@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Feb 22, 2005
Win32/Bagle.AR@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Feb 22, 2005
Win32/Bagle.AT@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Feb 22, 2005
Win32/Bagle.AW@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers. One variant of Win32/Bagle.AW@mm injects the worm code into all Windows executable files on an infected computer.
Alert level: severe
Updated on Feb 23, 2005
Win32/Bagle.BE@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when the user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Feb 24, 2005
Win32/Bagle.BF@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
Alert level: severe
Updated on Mar 02, 2005
Win32/Bagle.BG@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends TrojanProxy:Win32/Mitglieder.CL as an attachment to e-mail addresses that it downloads from a specific Web address. The worm is activated when a user opens the attachment.
Alert level: severe
Updated on Aug 28, 2005
Backdoor:Win32/Gael.A is a backdoor Trojan that targets certain versions of Microsoft Windows. The Trojan is downloaded, installed, and executed by TrojanDownloader:Win32/Gael.A.
Alert level: severe
Updated on Oct 03, 2005
Win32/Mytob.BR@mm is a mass-mailing network worm that targets certain versions of Windows. The worm sends a copy of itself as an e-mail attachment to e-mail addresses found on the infected computer. The worm can also spread by exploiting the Windows DCOM RPC vulnerability described in Microsoft Security Bulletin MS03-026. Win32/Mytob.BR@mm has a backdoor component that connects to an IRC server to receive commands from attackers.
Alert level: severe
Updated on Oct 03, 2005
Win32/Mytob.DV@mm is a mass-mailing worm that targets certain versions of Windows. The worm spreads by sending a copy of itself as an attachment to e-mail addresses found on the computer.  The worm has a backdoor component that connects to an IRC server to receive commands from attackers.
Alert level: severe
Updated on Oct 04, 2005
Win32/Mytob.Q@mm is a mass-mailing network worm that targets certain versions of Windows. The worm sends a copy of itself as an attachment to e-mail addresses found on the infected computer. The worm can also spread by exploiting the Windows DCOM RPC vulnerability described in Microsoft Security Bulletin MS03-026. Win32/Mytob.Q@mm has a backdoor component that connects to an IRC server to receive commands from attackers.
Alert level: severe
Updated on Feb 06, 2006
Win32/Bagle.X@mm!CME-328 is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds in certain files on the infected computer. The worm is activated when the e-mail recipient opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
 
This threat was assigned CME ID 328.
Alert level: severe
Updated on Nov 27, 2006
Win32/Bagle.X@mm!CME-328 is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds in certain files on the infected computer. The worm is activated when the e-mail recipient opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.
 
This threat was assigned CME ID 328.
Alert level: severe