W32/Rbot-GXM is a worm and backdoor Trojan for the Windows platform, and is related to the Neeris family of worms.
When run W32/Rbot-GXM creates the file TCPZ-X86D.sys (detected as the PUA "TCP-Z TCP Patch and Monitor") and sets the following registry entries under:
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MSDDLL\
HKLM\SYSTEM\CurrentControlSet\Services\msddll\
W32/Rbot-GXM spreads to network shares with weak passwords and to removable drives. W32/Rbot-GXM also typically attempts to spread across a network by exploiting MS08-067.