The Win32/Rbot family of backdoor Trojans targets certain versions of Microsoft Windows. After the Trojan infects a computer, it allows attackers to control the computer through an IRC channel. Some commands instruct Win32/Rbot to spread to other computers by scanning for network shares with weak passwords, exploiting various Windows vulnerabilities, or spreading through backdoor ports opened by other families of malicious software. The Trojan also allows attackers to perform other backdoor functions, such as launching denial of service (DoS) attacks against certain Web sites and retrieving system information from infected computers. 

Backdoor:Win32/Rbot.gen is a generic detection for a family of backdoor trojans that allows attackers to control infected computers. After a computer is infected, the trojan connects to a specific IRC server and joins a specific channel to receive commands from attackers. Commands can instruct the trojan to spread to other computers by scanning for network shares with weak passwords, exploiting Windows vulnerabilities, and spreading through backdoor ports opened by other families of malicious software. The trojan can also allow attackers to perform other backdoor functions, such as launching denial of service (DoS) attacks and retrieving system information from infected computers.

Backdoor:Win32/Rbot.SF is a backdoor trojan that may connect to a remote attacker to perform actions on the system without the user's knowledge.

Backdoor:Win32/IRCbot.gen!Z is a backdoor trojan that connects to an Internet Relay Chat (IRC) server and provides attackers with unauthorized access and control of your computer. It is a member of the Backdoor:Win32/IRCbot family of backdoor trojans.

Backdoor:Win32/Rbot.DF is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.AF connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

 

Backdoor:Win32/Rbot.AF may be detected as Backdoor:Win32/Rbot!8A89. 

Backdoor:Win32/Rbot.AH is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

 

Backdoor:Win32/Rbot.AH may be detected as Backdoor:Win32/Rbot!2EAA.

Backdoor:Win32/Rbot.AJ is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

 

Backdoor:Win32/Rbot.AJ may be detected as Backdoor:Win32/Rbot.gen!A.

Backdoor:Win32/Rbot.AL is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.AN is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.BC is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.BH is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

 

Backdoor:Win32/Rbot.BH may be detected as Backdoor:Win32/Rbot!2FA0.

Backdoor:Win32/Rbot.BK is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.BM is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.BR is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.BU is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.DR is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.EK is a backdoor Trojan that runs in the background, gathers software installation and computer configuration details, and connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.FL is a backdoor Trojan that runs in the background, gathers software installation and computer configuration details, and connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.