W32.Griptolo

By JubileeX in Worms

W32.Griptolo is a worm that spreads through removable drives and downloads potentially malicious files onto the targeted computer. Once executed, it copies itself to all removable drives, creating files there so that it runs when a drive is accessed. It then creates a registry entry so that it starts every time Windows starts, and a second registry entry to get past the Windows firewall. W32.Griptolo attempts to access particular web pages and to download and run possibly infected files on the compromised PC. To protect your computer from harm, delete W32.Griptolo from the infected PC immediately after detection.

File System Details

W32.Griptolo may create the following file(s):
1. %DriveLetter%\folder[ONE SPACE].exe
2. %ProgramFiles%\Java\jre-10\bin\jusched.exe
3. %SystemDrive%\Folder[ONE SPACE].exe
4. %DriveLetter%\autorun.inf
5. %ProgramFiles%\Java\jre-10\bin\UF

Registry Details

W32.Griptolo may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"SunJavaUpdateSched10" = "%ProgramFiles%\Java\jre-10\bin\jusched.exe"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\"%ProgramFiles%\Java\jre-10\bin\jusched.exe" = "%ProgramFiles%\Java\jre-10\bin\jusched.exe:*:Enabled:JavaUpdate10"
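
A read-only PowerShell check for the file and registry artifacts listed above, added here as an example (it is not part of the original entry or of any vendor tool). It assumes the listed paths with their path separators restored, reads "[ONE SPACE]" as a literal space, and also looks in the WOW6432Node and Program Files (x86) locations a 32-bit process would use on 64-bit Windows; the function name is hypothetical.

```powershell
# Added example: reports matches only, changes nothing on the system.
function Find-GriptoloArtifacts {
    $hits = New-Object System.Collections.Generic.List[string]
    $rel  = 'Java\jre-10\bin'   # payload directory relative to Program Files (from the page)

    # Persistence: Run value (WOW6432Node covers a 32-bit writer on 64-bit Windows)
    foreach ($k in 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
                   'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run') {
        $p = Get-ItemProperty -Path $k -Name 'SunJavaUpdateSched10' -ErrorAction SilentlyContinue
        if ($p) { $hits.Add("Run value in ${k}: $($p.SunJavaUpdateSched10)") }
    }

    # Firewall exception: value names in the AuthorizedApplications list are program paths
    $fw = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List'
    if (Test-Path $fw) {
        $key = Get-Item -Path $fw
        foreach ($name in $key.GetValueNames()) {
            if ($name -like "*\$rel\jusched.exe") { $hits.Add("Firewall exception: $($key.GetValue($name))") }
        }
    }

    # Dropped files under Program Files (64-bit and 32-bit locations)
    foreach ($root in @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ } | Select-Object -Unique) {
        foreach ($f in 'jusched.exe', 'UF') {
            $path = Join-Path $root "$rel\$f"
            if (Test-Path -LiteralPath $path) { $hits.Add("File: $path") }
        }
    }

    # Drive roots: the system drive plus every removable drive (DriveType 2)
    $roots = @($env:SystemDrive) + @(Get-CimInstance Win32_LogicalDisk -Filter 'DriveType=2' | ForEach-Object DeviceID)
    foreach ($r in $roots | Select-Object -Unique) {
        $exe = "$r\folder .exe"   # assumption: "[ONE SPACE]" is a single literal space
        if (Test-Path -LiteralPath $exe) { $hits.Add("File: $exe") }
        $inf = "$r\autorun.inf"
        if ($r -ne $env:SystemDrive -and (Test-Path -LiteralPath $inf)) {
            $hits.Add("Review (autorun.inf can be legitimate): $inf")
        }
    }
    return $hits
}

Find-GriptoloArtifacts
```

An empty result means none of the listed artifacts were found at these locations; an `autorun.inf` hit on its own is only a prompt to inspect the file.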
