Sunday, September 04, 2005

BKDR_ROBOBOT.AH


Malware type: Backdoor
Aliases: No Alias Found
In the wild: Yes
Destructive: Yes
Language: English
Platform: Windows NT, 2000, XP
Encrypted: No
Overall risk rating: Low

Reported infections: Low
Damage potential: High
Distribution potential: Low

Description:

This destructive, memory-resident backdoor program may arrive on a system as a file downloaded by TROJ_DLOADER.YD.

It opens random ports and connects to an Internet Relay Chat (IRC) server. Once connected, a remote malicious user can access the compromised machine and may then connect to several Web sites in order to download and execute files on the affected system.

This backdoor is also capable of deleting several services related to antivirus and security applications, as well as deleting a certain file and registry entry, if they exist on the system.

Furthermore, it may download an updated copy of itself or of other malware from a specific site.




Source: trendmicro.com
