Worm:Win32/Zotob.A is a network worm that exploits the Plug-and-Play vulnerability fixed in Microsoft Security Bulletin MS05-039. The worm targets computers running Microsoft Windows 2000 that do not have MS05-039 installed. The worm can also infect computers running other versions of Windows operating systems if it is delivered through e-mail, instant messaging, or other routes.

Win32/Bagle.BD@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when the user opens the attachment. The worm monitors a random TCP port for instructions from remote attackers.

Win32/Bagle.AX@mm is a mass-mailing worm that creates and runs the worm Win32/Bagle.AS@mm.

TrojanDownloader:Win32/Small.AON!CME-978 is a trojan that downloads and runs files on impacted systems. TrojanDownloader:Win32/Small.AON!CME-978 also terminates security related processes and processes that ma be related to competing malicious software.

TrojanDownloader:Win32/Small.AON is a trojan that downloads and runs files on impacted systems. TrojanDownloader:Win32/Small.AON!CME-978 also terminates security related processes and processes that ma be related to competing malicious software. TrojanDownloader:Win32/Small.AON will be detected by Microsoft as TrojanDownloader:Win32/Small.AON!CME-978.

Win32/Funner is an instant messaging worm that spreads through MSN Messenger, MSN Communicator, and QQ. The worm overwrites the HOSTS file to redirect certain outbound Internet traffic from the infected computer to an attacker’s server, which could enable phishing and man-in-the-middle attacks. These attacks may include theft of credentials such as user names, passwords, and credit card data, as well as injection of malicious code into Internet traffic that is bound for the user's computer.

Virus:Win32/Infostlr.A is a virus that infects Microsoft Windows portable executable (PE) files. When an infected PE file runs, the virus also executes the original host file.

Worm:Win32/Netsky.CZ@mm is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. The worm is activated when a user opens an e-mail attachment that contains the worm.

Trojan:Win32/Vundo.K is a DLL component that installs itself as a Browser Helper Object and generates popup ads on the user's desktop. The component is injected into explorer.exe by its dropper. The ads may pop up as a visible or hidden window. Trojan:Win32/Vundo.K is packed with a modified version of UPX

Win32/Busky is a family of Trojans that monitor and redirect Internet traffic, gather system information and download unwanted software such as Win32/Renos and Win32/SpySheriff. Win32/Busky may be installed by a Web browser exploit or other vulnerability when visiting a malicious Web site.

TrojanDropper:Win32/Busky.gen is a dropper component of the Win32/Busky family of Trojans. The Win32/Busky Trojans monitor and redirect Internet traffic, gather system information and download unwanted software such as Win32/Renos and Win32/SpySheriff. Win32/Busky may be installed by a Web browser exploit or other vulnerability when visiting a malicious Web site.

Win32/Busky is a family of Trojans that monitor and redirect Internet traffic, gather system information and download unwanted software such as Win32/Renos and Win32/SpySheriff. Win32/Busky may be installed by a Web browser exploit or other vulnerability when visiting a malicious Web site.

TrojanDownloader:Win32/Zlob.gen!H is generic detection for a component of Win32/Zlob, a large Trojan family that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). Microsoft has received reports that this Trojan has been distributed in the wild masquerading as a video codec or password manager application.

TrojanDownloader:Win32/Zlob.gen!O is a generic detection of a component of the greater Win32/Zlob malware family. Win32/Zlob refers a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.

TrojanDownloader:Win32/Eldycow.gen!A is a Trojan that receives various instructions to perform on the affected machine from remote hosts. These instructions often include directions to download and execute arbitrary files. In the wild, TrojanDownloader:Win32/Eldycow.gen!A has been observed to download a number of different Trojans from various remote locations, including TrojanDownloader:Win32/Wixud, Trojan:Win32/Wopla, VirTool:WinNT/Rootkitdrv.CE, TrojanDownloader:Win32/Nuwar, PWS:Win32/Cimuz and Trojan:Win32/Adialer.LA.

TrojanSpy:Win32/Banker.GB is a Trojan bank password stealer, targeting online banking customers of the Banrisul Bank of Brazil. Banker.GB may send financial credentials to a remote attacker by sending an e-mail message containing the captured sensitive information.

Win32/Gaobot.ZT.worm is a network worm that targets certain versions of Microsoft Windows. It spreads by exploiting vulnerabilities that are patched in several Microsoft Security Bulletins. To retrieve personal and system information, it also spreads to writeable network shares that have weak administrator passwords. The worm targets certain Web sites for denial of service (DoS) attacks. The worm also has backdoor capabilities, which allow attackers to control an infected computer through an IRC channel.

Win32/Gaobot.ZR.worm is a network worm that targets certain versions of Microsoft Windows. It spreads by exploiting multiple vulnerabilities that are patched in various Microsoft Security Bulletins. It also spreads to writeable network shares that have weak administrator passwords to retrieve personal and system information. The worm targets certain Web sites for denial of service (DoS) attacks. The worm also has backdoor capabilities, which allow attackers to control a computer through an IRC channel.

Win32/Gaobot.ZS.worm is a network worm that targets certain versions of Microsoft Windows. It spreads by exploiting known vulnerabilities that are patched in several Microsoft Security Bulletins. To retrieve personal and system information, it also spreads to writeable network shares that have weak administrator passwords. The worm targets certain Web sites for denial of service (DoS) attacks. The worm also has backdoor capabilities, which allow attackers to control an infected computer through an IRC channel.