Search
Keyword: worm_rbot.qp
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm attempts to access a certain URL where its copy is hosted. It then copies this file as {random}.exe in removable drives. It may also receive a command from a remote server to initiate
This worm arrives by connecting affected removable drives to a system. It may be downloaded by other malware/grayware from remote sites. It is injected into all running processes to remain memory
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops an AUTORUN.INF
This worm attempts to steal user credentials, such as user names and passwords, related to online games. It does this by monitoring processes/services in the memory that contains certain strings. It
This Worm drops a file in the Windows Common Startup folder to enable its automatic execution at every system startup. It terminates certain processes if found running in the affected system's
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It uses the default Windows folder icon to trick users
This worm arrives as attachment to mass-mailed email messages. It may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting
This worm has received attention from independent media sources and/or other security firms. To get a one-glance comprehensive view of the behavior of this Worm, refer to the Threat Diagram shown
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops copies of itself into network drives. It also has
This worm arrives as attachment to mass-mailed email messages. It arrives via removable drives. It uses the default Windows folder icon to trick users into opening the file. Double-clicking the file
This worm arrives via removable drives. It may be downloaded by other malware/grayware/spyware from remote sites. It executes then deletes itself afterward. It modifies registry entries to hide files
This worm arrives via removable drives. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It drops copies of itself
This worm may be dropped by other malware. It may be unknowingly downloaded by a user while visiting malicious websites. It also has rootkit capabilities, which enables it to hide its processes and
This worm drops .LNK files to all removable drives, which are shortcut files to the dropped copy of this worm. It does this to automatically run the worm copy whenever the removable drives are
This worm accesses websites to download files detected by Trend Micro as: TROJ_FAKEAV.SM8 TROJ_RIMECUD.DL WORM_RIMECUD.SMC This worm arrives via removable drives. It drops an AUTORUN.INF file to
This worm arrives via removable drives. It arrives by accessing affected shared networks. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It deletes the initially executed copy of itself. Arrival
This worm arrives by connecting affected removable drives to a system. It arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious
This worm arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. Arrival Details This worm arrives on a system as a file