Search
Keyword: worm_rbot.qp
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF file to automatically execute the
This worm performs commands from a remote malicious user. It also terminates itself if it is running under a Debugger or an Emulator . It also checks if the affected system uses certain display
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself. Arrival
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself. Arrival
This worm arrives via removable drives. It is injected into all running processes to remain memory resident. It drops copies of itself into all the removable drives connected to an affected system.
This worm arrives via removable drives. It may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. It
This worm arrives by connecting affected removable drives to a system. It may be dropped by other malware. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user
It monitors processes to steal user credentials. This worm arrives via removable drives. It may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
This worm executes then deletes itself afterward. It modifies registry entries to hide files with System and Read-only attributes. It drops an AUTORUN.INF file to automatically execute the copies it
This worm arrives by connecting affected removable drives to a system. It drops copies of itself in all removable drives. It drops an AUTORUN.INF file to automatically execute the copies it drops
It drops copies of itself into the shared folders of certain peer-to-peer (P2P) networks. It executes command(s) from a remote malicious user. This worm arrives via peer-to-peer (P2P) shares. It
This worm arrives by connecting affected removable drives to a system. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system.
This worm arrives via removable drives. It uses the default Windows folder icon to trick users into opening the file. Double-clicking the file executes this malware. It drops copies of itself in
It receives commands from a remote malicious user via IRC. These commands are executed on the affected system. However, as of this writing, the said servers are inaccessible. This worm arrives via
This worm arrives via removable drives. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It drops copies of itself into all the
This worm drops copies of itself in all removable drives. Installation This worm drops the following copies of itself into the affected system: %System%\Zsnkspm.exe (Note: %System% is the Windows
This worm arrives via removable drives. It may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. It
This worm may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. However, as of this writing, the said sites are inaccessible. It drops copies
It sends messages that contain links to sites hosting remote copies of itself using specific instant-messaging (IM) applications. This worm arrives via removable drives. It may be dropped by other