Attention: We have transitioned to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access. While the app may appear unverified, you can confirm its legitimacy by verifying the App ID provided.
98 entries found.
Displaying page 4
of 5.
Worm:Win32/Neeris.gen!C
Worm:Win32/Neeris.gen!C is the generic detection for a member of the Win32/Neeris family of worms. These worms spread via MSN Messenger and may contain backdoor functionalities. New variants of this worm may exploit a vulnerability in the Windows Server Service (srvsvc) in PCs that have not yet applied Microsoft Security Bulletin MS08-067.
Alert level:
severe
TrojanDownloader:Win32/Cutwail.AN
TrojanDownloader:Win32/Cutwail.AN is the generic detection for the DLL component of members of the Win32/Cutwail malware family. Its primary function is to load certain code into a system process, which allows it to connect to and download files from a specific remote server.
Alert level:
severe
Worm:Win32/Sohanad.DX
Worm:Win32/Sohanad.DX is a worm that may spread by sending messages to a user's Yahoo! Messenger contacts. It also spreads via removable and shared drives. It can terminate certain processes, modify certain system settings, and close certain windows such as those related to registry editing and the Task Manager.
Alert level:
severe
Worm:Win32/Neeris.AN
Worm:Win32/Neeris.AN is a worm that spreads by removable drives and by attempting to exploit a number of particular vulnerabilities. The worm also contains backdoor functionality that allows unauthorized access and control of the affected computer.
Alert level:
severe
Worm:Win32/Viking.NA
Worm:Win32/Viking.NA is a worm that spreads via removable drives and network shares. It can terminate security-related processes, relocate certain Windows files, drop other malware, modify the HOSTS file and Internet files, infect certain files, and connect to a remote server.
Alert level:
severe
Worm:Win32/Yoybot.gen
Worm:Win32/Yoybot.gen is a generic detection for a family of malicious IRC bots that are able to spread through removable drives and file sharing networks.
Alert level:
severe
SettingsModifier:Win32/Skipwuser.A
SettingsModifier:Win32/Skipwuser.A is a trojan that creates and modifies computer settings changes without the user's knowledge or consent. It also drops other malware in the affected system.
Alert level:
moderate
Virus:Win32/Viking.ND
Virus:Win32/Viking.ND is a detection for executable files infected by Worm:Win32/Viking.NA.
Alert level:
severe
Worm:Win32/Hamweq.W
Worm:Win32/Hamweq.W is a worm that spreads via removable drives, such as USB memory sticks. It contains an IRC-based backdoor, which may request that it participate in Distributed Denial of Service attacks.
Alert level:
severe
Worm:Win32/Pykspa.C
Worm:Win32/Pykspa.C is a worm that spreads via Skype messaging, Twitter, mapped drives and network shares. It contains a backdoor that allows it to execute arbitrary commands from a remote attacker.
Alert level:
severe
Worm:Win32/Pykspa.E
Worm:Win32/Pykspa.E is a worm that spreads via Skype messaging, Twitter, mapped drives and network shares. It contains a backdoor that allows it to execute arbitrary commands from a remote attacker.
Alert level:
severe
Trojan:WinNT/Kapa.A
Trojan:WinNT/Kapa.A is a detection for a kernel-mode trojan that may be directed by other malware to terminate services.
Alert level:
severe
Backdoor:Win32/Darkshell.A
Backdoor:Win32/Darkshell.A is a detection for a backdoor that connects to a remote server to receive commands from attackers, which can include instructions to spread to other computers.
Alert level:
severe
Worm:Win32/Regul.A
Worm:Win32/Regul.A is a worm that propagates by copying itself to removable drives. It may also download other files, which may be detected as other malware.
Alert level:
severe
TrojanDropper:Win32/Silly_P2P.B
TrojanDropper:Win32/Silly_P2P.B is a trojan designed to drop and run other malware, most notably Worm:Win32/Silly_P2P.B.
Alert level:
severe
Worm:Win32/Emold.C
Worm:Win32/Emold.C is a worm that installs a trojan rootkit. It can spread via removable drives, spammed to users as an e-mail attachment, and distributed from malicious Web sites. It is capable of downloading arbitrary files, including other malware, from a specific Web site.
Alert level:
severe
Worm:Win32/Emold.M
Worm:Win32/Emold.M is an encrypted executable with a file size of 45,568 bytes. It can spread via removable drives, be spammed to users as an e-mail attachment, or distributed from malicious Web sites. It is capable of downloading arbitrary files, including other malware, from a specific Web site.
Alert level:
severe
Worm:Win32/Cubspewt.A
Worm:Win32/Cubspewt.A is a worm that modifies certain system settings, such as disables service pack updates, changes system firewall policy, and disables the DCOM protocol. It spreads via removable drives.
Alert level:
severe
TrojanDropper:Win32/Dogrobot.E
Worm:Win32/Dogkild.C is a worm that spreads to mapped drives on remote machines that support the autorun feature. It also installs TrojanDownloader:Win32/Dogrobot.D and VirTool:WinNT/Dogrobot onto an affected machine.
Alert level:
severe
Worm:Win32/Refroso.A
Worm:Win32/Refroso.A is a worm that stops Windows Security Center and attempts to spread to other computers across a network by exploiting a vulnerability in Windows.
Alert level:
severe