Skip to main content
Skip to main content
Microsoft Security Intelligence
Cart 0 items in shopping cart
Sign in
953 entries found. Displaying page 6 of 48.
Updated on Nov 09, 2004
Win32/Mydoom is a family of mass-mailing worms that spread through e-mail. Some variants also spread through peer-to-peer networks. The worm acts as a backdoor Trojan, which allows an attacker to access the infected system. This backdoor may be used to distribute other malicious software. Some variants of Win32/Mydoom launch denial of service (DoS) attacks against specific Web sites. 
Alert level: severe
Updated on Nov 11, 2004
The Win32/Gaobot worm family spreads using different methods, depending on the variant. Some variants spread to machines with weak passwords. Others exploit vulnerabilities to infect machines. Once a machine is infected, the worm connects to an IRC server to receive commands.
Alert level: high
Updated on Nov 11, 2004
Win32/Sasser is a family of network worms that exploit the Local Security Authority Subsystem Service (LSASS) vulnerability fixed in Microsoft Security Update MS04-011. The worm spreads by randomly scanning IP addresses for vulnerable machines and infecting any that are found.
Alert level: severe
Updated on Nov 29, 2004
Win32/Parite is a family of polymorphic file infectors that targets computers running Microsoft Windows. The virus infects .exe and .scr executable files on the local file system and on writeable network shares. In turn, the infected executable files perform operations that cause other .exe and .scr files to become infected.
Alert level: high
Updated on Dec 10, 2004
Win32/Zindos is a worm that targets computers running the following Microsoft Windows 9x, Windows ME, Windows NT, Windows 2000, and Windows XP. The worm spreads to computers that are already infected by the mass-mailer worm Win32/Mydoom.O@mm. Win32/Zindos may perform a denial of service (DoS) attack against certain Web sites.
Alert level: severe
Updated on Jan 11, 2005
The Netsky family is a mass-mailing worm that targets computers running certain versions of Microsoft Windows. The worm sends itself to e-mail addresses that it finds on the infected computer. When a user opens an e-mail attachment that contains a Netsky variant, the worm is activated. Some variants copy the worm to network-share folders. Some variants contain a backdoor component and perform denial of service (DoS) attacks.
Alert level: high
Updated on Jan 12, 2005
Windows Defender Antivirus detects and removes this threat.
 
Win32/Randex is a family of worms that targets PCs running Microsoft Windows 9x, Windows NT 4.0, Windows 2000, Windows Server 2003, and Windows XP. T
 
he worm scans randomly-generated IP addresses to attempt to spread to network shares with weak passwords. After the worm infects a PC, it connects to an IRC server to receive commands from the attacker. If your PC is infected by this worm, you might notice crashes or slowdowns during normal operation.
Alert level: severe
Updated on Feb 08, 2005
Windows Defender Antivirus detects and removes this threat.
 
Win32/Bropia is a worm that spreads using MSN Messenger. It drops different variants of Win32/HLLW.Spybot. Some variants of Win32/Bropia also prevent system utilities from launching.
 
Win32/Bropia spreads using MSN Messenger windows.
Alert level: severe
Updated on Mar 10, 2005
Windows Defender Antivirus detects and removes this threat.
 
W32/Mimail is a family of mass-mailing and network worms. The variants target several versions of Microsoft Windows. Some Mimail variants spread through email attachments. Some target PCs that do not have Microsoft Security Bulletins MS02-015 and MS03-014 installed.  Some variants spread through peer-to-peer networks. Some variants gather and transmit user account numbers and passwords. Some variants launch denial of service (DoS) attacks against certain Web sites.
Alert level: severe
Updated on Apr 07, 2005
Win32/Dumaru is a family of mass-mailing worms that targets certain versions of Microsoft Windows. The worm sends itself as an e-mail attachment to addresses that it finds on the infected computer. The worm runs when the user opens the attachment. Some variants drop a backdoor Trojan. Win32/Dumaru can infect or overwrite files, open ports, connect to an IRC server, release passwords and other confidential information, and receive commands from attackers.
Alert level: severe
Updated on May 19, 2005
Windows Defender Antivirus detects and removes this threat.
 
Win32/Kelvir is a family of worms that target PCs running certain versions of Microsoft Windows.
 
The worm spreads through MSN Messenger or Windows Messenger. The worm is activated when a user clicks a link in a Messenger message.
Alert level: severe
Updated on May 23, 2005
Win32/Hybris includes both a virus and a worm component. The virus component infects WSOCK32.DLL, enabling the virus to activate when an Internet connection is established. The worm component spreads by monitoring outgoing e-mail traffic and, when a legitimate e-mail is sent, follows that by sending a second email to the same addresses. That email contains a copy of the worm. Win32/Hybris can download plug-ins via anonymous binary postings made to a particular newsgroup, thus changing the functionality.
Alert level: severe
Updated on Jun 20, 2005
Windows Defender Antivirus detects and removes this threat.
 
Win32/Wootbot is a family of network worms that target certain versions of Microsoft Windows.
 
The worm spreads to writeable network shares as well as MySQL and Microsoft SQL Server application servers. It also spreads by exploiting various Windows vulnerabilities. The worm has a backdoor component that connects to an IRC server and joins a specific channel to receive commands from attackers.
Alert level: high
Updated on Aug 19, 2005
Win32/Elkern is a family of parasitic viruses that targets certain versions of Microsoft Windows. The virus can spread by infecting processes and executable files, and by copying itself to local drives and writeable network shares. It is also dropped by Win32/Klez.
Alert level: high
Updated on Sep 21, 2005
Win32/Mywife is a family of mass-mailing network worms that targets certain versions of Microsoft Windows. The worm spreads through e-mail attachments and writeable network shares.
Alert level: severe
Updated on Sep 22, 2005
Win32/Wukill is a family of mass-mailing e-mail and network worms. The Win32/Wukill worm spreads to root directories on certain local and mapped drives. The worm also spreads by sending a copy of itself as an attachment to e-mail addresses found on the infected computer. 
Alert level: high
Updated on Oct 19, 2005
Windows Defender Antivirus detects and removes this threat.
 
Win32/Mabutu is a family of mass-mailing worms that targets computers running certain versions of Microsoft Windows. The worm sends a copy of itself as an attachment to e-mail addresses found on the infected computer. The worm has a backdoor component that connects to an IRC server from the infected computer to receive commands from attackers.
Alert level: severe
Updated on Oct 24, 2005
Windows Defender Antivirus detects and removes this threat.
 
Win32/Codbot is a family of network worms that targets computers running certain versions of Microsoft Windows.
 
Some variants of this family spread to network shares with weak administrator passwords. Other Win32/Codbot variants spread by exploiting one or more Windows vulnerabilities. The worm has a backdoor component that connects to an IRC server from an infected computer to receive commands from attackers.
Alert level: severe
Updated on Nov 08, 2005
Microsoft security software detects and removes this family of threats.
 
This family of backdoor trojans can download and install other malware on your PC. They can also give a malicious hacker access and control of your PC.
Alert level: high
Updated on Nov 15, 2005
Windows Defender Antivirus detects and removes this threat.
 
Win32/Maslan is a family of mass-mailing network worms that targets computers running Microsoft Windows. The worm spreads through email and peer-to-peer file-sharing applications. It can also spread to computers that have not been patched for the Windows vulnerabilities described in Microsoft Security Bulletins MS03-039 and MS04-011. The worm installs two backdoors, one of which is a variant of Win32/Sdbot. The worm has a stealth component that hides certain files and directories.
Alert level: high