Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
953 entries found. Displaying page 46 of 48.
Updated on May 09, 2007
VirTool:WinNT/Haxdoor.F is a kernel-mode rootkit-enabled Trojan that allows remote control of the infected machine over the Internet. The Trojan contains instructions that allow it to disable certain antivirus programs and firewall applications, log keystrokes, allow remote connections, lower security settings or perform other unwanted actions. VirTool:WinNT/Haxdoor.F gathers user and system information and sends it to a third party.
Alert level: severe
Updated on May 11, 2007
TrojanDownloader:Win32/Jowspry is a malicious application that uses the Background Intelligent Transfer Service (BITS) to download programs from the Internet, possibly using HTTP or FTP URLs to obtain the files.  After the file(s) are downloaded to the compromised computer, they are executed.
 
The use of BITS could allow TrojanDownloader:Win32/Jowspry to bypass some permission-based firewalls in order to install additional malware. This bypass relies on TrojanDownloader:Win32/Jowspry already being present on the system; it is not an attack vector for initial infection.
 
TrojanDownloader:Win32/Jowspry may try to masquerade as a non-executable file by using file icons associated with applications such as including Adobe Acrobat (PDF), Microsoft Word document files (.doc), or image icons.
Alert level: severe
Updated on May 11, 2007
TrojanDownloader:Win32/Jowspry is a malicious application that uses the Background Intelligent Transfer Service (BITS) to download programs from the Internet, possibly using HTTP or FTP URLs to obtain the files.  After the file(s) are downloaded to the compromised computer, they are executed.
 
The use of BITS could allow TrojanDownloader:Win32/Jowspry to bypass some permission-based firewalls in order to install additional malware. This bypass relies on TrojanDownloader:Win32/Jowspry already being present on the system; it is not an attack vector for initial infection.
 
TrojanDownloader:Win32/Jowspry may try to masquerade as a non-executable file by using file icons associated with applications such as including Adobe Acrobat (PDF), Microsoft Word document files (.doc), or image icons.
Alert level: severe
Updated on May 11, 2007
TrojanDownloader:Win32/Jowspry is a malicious application that uses the Background Intelligent Transfer Service (BITS) to download programs from the Internet, possibly using HTTP or FTP URLs to obtain the files.  After the file(s) are downloaded to the compromised computer, they are executed.
 
The use of BITS could allow TrojanDownloader:Win32/Jowspry to bypass some permission-based firewalls in order to install additional malware. This bypass relies on TrojanDownloader:Win32/Jowspry already being present on the system; it is not an attack vector for initial infection.
 
TrojanDownloader:Win32/Jowspry may try to masquerade as a non-executable file by using file icons associated with applications such as including Adobe Acrobat (PDF), Microsoft Word document files (.doc), or image icons.
Alert level: severe
Updated on May 11, 2007
TrojanDownloader:Win32/Jowspry is a malicious application that uses the Background Intelligent Transfer Service (BITS) to download programs from the Internet, possibly using HTTP or FTP URLs to obtain the files.  After the file(s) are downloaded to the compromised computer, they are executed.
 
The use of BITS could allow TrojanDownloader:Win32/Jowspry to bypass some permission-based firewalls in order to install additional malware. This bypass relies on TrojanDownloader:Win32/Jowspry already being present on the system; it is not an attack vector for initial infection.
 
TrojanDownloader:Win32/Jowspry may try to masquerade as a non-executable file by using file icons associated with applications such as including Adobe Acrobat (PDF), Microsoft Word document files (.doc), or image icons.
Alert level: severe
Updated on May 30, 2007
TrojanDownloader:Win32/Conhook.A attempts to download content from a remote Web site. TrojanDownloader:Win32/Conhook.A injects its code into running processes which could, depending on configuration, allow the Trojan to bypass permission-based firewalls in order to gain Internet access.
Alert level: severe
Updated on Sep 05, 2007
TrojanDownloader:Win32/Conhook.A attempts to download content from a remote Web site. TrojanDownloader:Win32/Conhook.A injects its code into running processes which could, depending on configuration, allow the Trojan to bypass permission-based firewalls in order to gain Internet access.
Alert level: severe
Updated on Oct 11, 2007
Trojan:Win32/Conhook.B installs itself as a Browser Helper Object (BHO), and connects to the Internet without user consent. This Trojan may also terminate specific security services, and download additional malware to the computer.
Alert level: severe
Updated on Nov 02, 2007

Windows Defender detects and removes this threat.

This threat can download and run files on your PC.

Alert level: severe
Updated on Nov 21, 2007
Trojan:Win32/Zlob.ZWC is a component of the greater Win32/Zlob malware family. Win32/Zlob is a large multi-component family of malware that modifies Internet Explorer's settings, alters and redirects the user's default Internet search page and home page, and attempts to download and execute arbitrary files (including additional malicious software). The Win32/Zlob family has also been associated with rogue security programs that display misleading warnings regarding bogus malware infections.
Alert level: severe
Updated on Nov 28, 2007
Spyware:Win32/ShopAtHome.A is a Web browser redirector that monitors your Web browsing behavior and online purchases. ShopAtHome - also known as GoldenRetriever and SelectRebates - claims to track points for your ShopAtHome rebates when you buy products directly from affiliated merchant Web sites without linking through the ShopAtHome Web site.
Alert level: high
Updated on Nov 29, 2004
W32.Mimail.S@mm is a mass-mailing worm that targets certain versions of Microsoft Windows. The worm sends itself as an attachment to e-mail addresses that it finds on the infected computer. The worm is activated when the user opens the attachment. The worm also launches denial of service (DoS) attacks against certain Web sites.
Alert level: severe
Updated on Dec 21, 2004
Win32/HLLW.Doomjuice.C is a worm that targets computers infected with the Mydoom.A or Mydoom.B worms. Doomjuice.C scans for systems listening on TCP port 3127, the backdoor port for Mydoom.A and Mydoom.B. Doomjuice.C launches a denial of service (DoS) attack against www.microsoft.com.
Alert level: severe
Updated on Apr 05, 2005
Backdoor:Win32/Berbew.AW is a Trojan that installs silently on computers running Microsoft Windows 2000 or Windows XP. It may download files from Web sites and run them on the target computer, and may gather and send personal information from an infected computer to a Web site.
Alert level: severe
Updated on Jun 06, 2005
Backdoor:Win32/Rbot.LK is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. This Trojan can spread to a computer by trying weak passwords. The Trojan can also connect to a computer through an open port, and then connect to an IRC server and join a channel to receive commands.
Alert level: severe
Updated on Jun 15, 2005
Backdoor:Win32/Samsteal.A.dr is a Trojan dropper that targets several versions of Microsoft Windows. The Trojan drops a file that in turn drops Backdoor:Win32/Samsteal.A and three other files. 
Alert level: severe
Updated on Jun 29, 2005
Backdoor:Win32/Haxdoor.CX is a backdoor Trojan that opens and listens on three random TCP ports for proxy and remote access purposes.
Alert level: severe
Updated on Nov 03, 2006
Win32/Stration.DH@mm!CME-416 is a mass-mailing email worm that sends itself to addresses obtained from a wide range of file types found on the infected system. The e-mail message composed by the worm may masquerade as a failure message or as a scanning tool. Win32/Stration.DH@mm!CME-416 also acts as a Trojan downloader, attempting to download a file from a remote website. The downloaded file may be another variant of the Win32/Stration family.
Alert level: severe
Updated on Jan 26, 2007
TrojanDownloader:Win32/Stration.gen is generic detection for a family of trojans that download and run variants of the Win32/Stration worm. Win32/Stration is a family of mass-mailing email worms that send themselves to addresses obtained from a wide range of file types found on the infected system. The e-mail message composed by the worm may masquerade as a failure message or as a scanning tool.
Alert level: severe
Updated on Jan 26, 2007
TrojanDownloader:Win32/Stration.gen is generic detection for a family of trojans that download and run variants of the Win32/Stration worm. Win32/Stration is a family of mass-mailing email worms that send themselves to addresses obtained from a wide range of file types found on the infected system. The e-mail message composed by the worm may masquerade as a failure message or as a scanning tool.
Alert level: severe