Search
Keyword: worm_rbot.qp
This worm uses Windows Task Scheduler to create a scheduled task that executes the dropped copy. It disables Task Manager, Registry Editor, and Folder Options. It drops copies of itself in all
This worm arrives by accessing affected shared networks. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses the drives of an affected system. Arrival
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm
This worm monitors the Internet activities of the infected system to steal user credentials if the user visits websites with certain strings. It attempts to steal user credentials used in the certain
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
set of URLs containing 250 random sites per day based on the UTC time standard. It blocks access to websites that contain certain strings, which are mostly related to antivirus programs. This Worm
This worm sends copies of itself to target recipients using the instant-messaging (IM) application, MSN Messenger . It executes commands from a remote user to connect to malicious sites to download
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses Windows Task Scheduler to create a scheduled task
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It does not have any backdoor routine. It does not have
one-glance comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown below. This worm executes commands from a remote malicious user, effectively compromising the affected system. It
risk to users due to the increased possibility of infection. To get a one-glance comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown below. This worm opens Microsoft Word
This worm drops .LNK files in removable drives that point to a copy of itself. This is done to automatically execute dropped copies when the said drives are accessed. It also uses the names of
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm arrives by connecting affected removable drives to a system. Arrival Details This worm arrives by connecting affected removable drives to a system. Installation This worm drops the
This worm arrives by connecting affected removable drives to a system. Arrival Details This worm arrives by connecting affected removable drives to a system. Installation This worm drops the
This worm arrives as attachment to mass-mailed email messages. It arrives via removable drives. It adds registry entries to enable its automatic execution at every system startup. It drops an
This worm arrives as attachment to mass-mailed email messages. It may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It adds registry
This worm arrives via removable drives. It modifies certain registry entries to hide file extensions. It drops an AUTORUN.INF file to automatically execute the copies it drops when a user accesses