Skip to main content
Published Mar 18, 2005 | Updated Apr 16, 2011

Win32/Rbot

Detected by Microsoft Defender Antivirus

Aliases: W32.Spybot.Worm (Symantec) W32/Sdbot.worm.gen (McAfee) WORM_RBOT (Trend Micro)

Summary

The Win32/Rbot family of backdoor Trojans targets certain versions of Microsoft Windows. After the Trojan infects a computer, it allows attackers to control the computer through an IRC channel. Some commands instruct Win32/Rbot to spread to other computers by scanning for network shares with weak passwords, exploiting various Windows vulnerabilities, or spreading through backdoor ports opened by other families of malicious software. The Trojan also allows attackers to perform other backdoor functions, such as launching denial of service (DoS) attacks against certain Web sites and retrieving system information from infected computers. 
To detect and remove this threat and other malicious software that may be installed in your computer, run a full-system scan with an up-to-date antivirus product such as the following:
 
 
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
Follow us