Microsoft security software detects and removes this family of threats.

 

This family of backdoor trojans can download and install other malware on your PC. They can also give a malicious hacker access and control of your PC.

Backdoor:Win32/Rbot.gen is a generic detection for a family of backdoor trojans that allows attackers to control infected computers. After a computer is infected, the trojan connects to a specific IRC server and joins a specific channel to receive commands from attackers. Commands can instruct the trojan to spread to other computers by scanning for network shares with weak passwords, exploiting Windows vulnerabilities, and spreading through backdoor ports opened by other families of malicious software. The trojan can also allow attackers to perform other backdoor functions, such as launching denial of service (DoS) attacks and retrieving system information from infected computers.

Backdoor:Win32/IRCbot.gen!Z is a backdoor trojan that connects to an Internet Relay Chat (IRC) server and provides attackers with unauthorized access and control of your computer. It is a member of the Backdoor:Win32/IRCbot family of backdoor trojans.

Worm:Win32/Synigh.A is a worm that spreads to other computers across a network. It also has a backdoor component that is capable of connecting to an IRC server and executing commands from a remote attacker.

Backdoor:Win32/Sdbot.ZA is a backdoor Trojan that allows an attacker to take control of an infected computer. When a computer is infected, the Trojan connects to an Internet Relay Chat (IRC) server and joins a channel in order to receive commands from the controlling attacker. This malware can also spread via network shares with weak passwords, and by exploiting a known vulnerability in the RPCSS Service (addressed in Microsoft Security Bulletin MS03-039).

Exploit:Win32/MS06040.gen is a generic detection for malicious software that attempts to exploit a vulnerability in Windows Server Service that can allow the execution of arbitrary code. The vulnerability is referenced in Microsoft Security Bulletin MS06-040 and Microsoft Knowledge Base article KB921883.

Worm:Win32/Neeris.gen!C is the generic detection for a member of the Win32/Neeris family of worms. These worms spread via MSN Messenger and may contain backdoor functionalities. New variants of this worm may exploit a vulnerability in the Windows Server Service (srvsvc) in PCs that have not yet applied Microsoft Security Bulletin MS08-067.

Worm:Win32/Neeris.AU is the detection for an IRC backdoor that spreads by copying itself into removable drives and by exploiting the vulnerability discussed in Microsoft Security Bulletin MS08-067. It connects to a remote IRC server to receive commands from a remote attacker.

Worm:Win32/Autorun.MB is a worm that copies itself to mapped drives and allows remote access from an attacker. The worm can spread to other computers by exploiting a vulnerability that is present in computers that have not applied Microsoft Security Bulletin MS02-045, a security update first published in 2002.

Worm:Win32/Slenping.X is a detection for a worm that spreads to other computers by copying itself to mapped and removable drives and via Instant chat applications MSN Messenger and AOL Messenger.

Backdoor:Win32/Momibot is a backdoor trojan that connects to remote servers to perform various actions on the infected computer.

Worm:Win32/Slenfbot.JS is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.

Worm:Win32/Flibot.gen!A is a backdoor trojan that allows an attacker remote access to download arbitrary files.

Worm:Win32/Neeris.AN is a worm that spreads by removable drives and by attempting to exploit a number of particular vulnerabilities. The worm also contains backdoor functionality that allows unauthorized access and control of the affected computer.

Windows Defender Antivirus detects and removes this threat.

 

This threat can give a malicious hacker access to your PC.

 

It can be installed when you visit a hacked or malicious web page.

 

See the Win32/Ramnit family description for more information on this type of threat.

 

Find out ways that malware can get on your PC.

Exploit:Win32/Siveras.B is detection for specific known malware used to exploit a vulnerability in the Domain Name System (DNS) Server Service. This vulnerability impacts Microsoft Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2.

 

Note that exploit of the vulnerability may not be file-based or the malicious files might be removed by the attacker after successful exploit. For vulnerability details, workarounds, and patch information, please refer to Microsoft Security Advisory (935964).

Backdoor:Win32/Nirbot is a backdoor Trojan that targets certain versions of Microsoft Windows. The trojan connects to a specific IRC server to receive commands from attackers, which can include instructions to spread to other computers in various ways, such as through network shares, SQL servers, and the exploitation of particular vulnerabilities.