Rbot.wuam
Category: Trojan
Risk:
Severe Risk
* Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine.
Description: RBot is a Trojan worm that spreads through network shares and provides various backdoor capabilities to the attacker.
Alias: None
Signatures:
process: WUAM.EXE: MD5 Hash: e4e303172aec49c94a7
process: wuamgrd.exe: MD5 Hash: 78ad4e0ff3c84d08d1d
process: wuamgrd.exe: MD5 Hash: 9df8f84868031b6df05
process: wuamgrd.exe: MD5 Hash: e2cbbbe7c62c1c840b9
process: wuampad.exe: MD5 Hash: fd96c1eaa90924e848b
process: wuampd.exe: MD5 Hash: 6fec7dc14a74ded93fb
process: wuam.exe: MD5 Hash: 063ef1a74edefef0a65..
Copyright @2006 THR Computer Solutions: Rbot.wuam