Storm Worm, or Win32/Nuwar, refers to a family of Trojan droppers that install a distributed peer-to-peer (P2P) downloader Trojan. This downloader Trojan in turn downloads a copy of the email worm component of Storm Worm.

Backdoor:Win32/Nuwar.A is a backdoor Trojan that allows unauthorized access to an infected computer. The Trojan receives commands indirectly from a remote attacker via its connection to a malicious peer-to-peer network. This Trojan also contains advanced stealth functionality that allows it to hide particular files, registry entries and registry values.

Win32/Nuwar refers to a family of Trojan droppers that install a distributed peer-to-peer (P2P) downloader Trojan. This downloader Trojan in turn downloads a copy of the email worm component of Win32/Nuwar.

Worm:Win32/VB.CD is a worm that spreads to removable drives, modifies system settings and may delete files.

Win32/Korgo is a family of worms that spread by exploiting vulnerabilities in certain versions of Microsoft Windows that do not have Microsoft Security Bulletin MS04-011 installed. Some variants of this worm open a backdoor component to gain unauthorized access to other computers.

Windows Defender detects and removes this threat.

It is a mass-mailing worm that sends a copy of itself as an email attachment to your email contacts. It attempts to download files, including other malware, to your computer.

It also spreads by copying itself to removable drives such as USB sticks.

Worm:Win32/RJump.F is a worm that attempts to spread by copying itself to local, removable and network drives. It also contains functionality that allows an attacker to download and execute arbitrary files, including additional malicious software, on the user’s machine.

Worm:Win32/Wukill.J@mm is a mass-mailing e-mail worm that also spreads by copying itself to drives A:, C:, D:, E:, G: and H:. This worm may also disable viewing of file extensions and paths in Windows Explorer.

Worm:Win32/Brontok.AR@mm is detection for a group of variants of the Win32/Brontok worm family.

 

This worm spreads by sending a copy of itself as an e-mail attachment to e-mail addresses that it gathers from files on the infected computer. It can also copy itself to USB and pen drives. Win32/Brontok can disable antivirus and security software, immediately terminate certain applications, and cause Windows to restart immediately when certain applications run. The worm may also conduct denial of service (DoS) attacks against certain Web sites.

Worm:Win32/Autorun.BO is a worm that may drop a backdoor trojan (identified as Backdoor:Win32/Bifrose.gen!A) and connect with remote Web sites.

Worm:Win32/Brontok.AB@mm is a worm that spreads via e-mail and removable drives. The worm spreads by sending a copy of itself as an e-mail attachment to e-mail addresses that it gathers from files on the infected computer. It can also copy itself to USB and pen drives. Win32/Brontok can disable antivirus and security software, immediately terminate certain applications, and cause Windows to restart immediately when certain applications run. The worm may also conduct Denial of Service (DoS) attacks against certain web sites.

TrojanSpy:Win32/VBStat.AD is dropped as a component of Worm:Win32/RJump.F. Its purpose is to execute Win32/RJump.F at each Windows start.

Worm:Win32/Swen.A@mm is a network and mass-mailing worm that targets certain versions of Microsoft Windows. The worm spreads in several ways and terminates security-related processes running on an infected computer. Win32/Swen masquerades as a patch for Microsoft Internet Explorer, and may pretend to download and install software.

Win32/Mywife is a family of mass-mailing network worms that targets certain versions of Microsoft Windows. The worm spreads through e-mail attachments and writeable network shares.

Windows Defender Antivirus detects and removes this threat.

 

Win32/Zafi is a family of mass-mailing worms. The worm sends itself to email addresses that it finds on the infected PC.

 

It may terminate processes that relate to system utilities and security products. It may change security-related registry key values. Some variants also copy the worm to network-share folders.

Win32/Gael is a parasitic virus that targets certain versions of Microsoft Windows. The virus infects Win32 PE .exe files locally and on writeable network shares. The virus can also download TrojanDownloader:Win32/Small from a Web site and run the file.

Worm:Win32/Bagz.D@mm is a worm that sends e-mails to gathered e-mail addresses, with an attached copy of itself. Win32/Bagz may also block access to certain Web sites and delete services.

Worm:Win32/Roron.AA@mm is a worm that attempts to send personal information to a remote address. It may spread via e-mail, network shares, or peer-to-peer file sharing.