Search
Keyword: worm_rbot.qp
needed during in system bootup. To get a one-glance comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown below. This worm arrives via removable drives. It may be unknowingly
If it fails to download the configuration file, this worm downloads a certain file. It saves the downloaded file as %System%\setting.ini . It expects the downloaded configuration file to contain a
This description is based is a compiled analysis of several variants of WORM_PROLACO. Note that specific data such as file names and registry values may vary for each variant. This worm arrives as
This worm arrives via removable drives. It modifies certain registry entries to hide file extensions. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses
This worm arrives by accessing affected shared networks. It may be dropped by other malware. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives
This worm sends messages that contain links to sites hosting remote copies of itself using the instant-messaging (IM) applications Yahoo Messenger and MSN Messenger . It may also send messages
Trend Micro has received multiple samples of this worm from multiple, independent sources, including customer reports and internal sources. These indicate that this worm poses a high risk to users
This worm arrives via removable drives. It drops copies of itself in all drives. These dropped copies use the names of the folders located on the said drives for their file names. It drops an
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses Windows Task Scheduler to create a scheduled task
This worm may be unknowingly downloaded by a user while visiting malicious websites. It drops copies of itself in removable drives. These dropped copies use the names of the folders located on the
This Worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This Worm arrives as an attachment to email messages mass-mailed by other malware/grayware or malicious users. It arrives on a system as a file dropped by other malware or as a file downloaded
This Worm arrives via removable drives. It executes commands from a remote malicious user, effectively compromising the affected system. It retrieves specific information from the affected system. It
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes the
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It executes commands from
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF file to automatically execute the