Attention: We will be transitioning to a new AAD or Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access.
500 entries found.
Displaying page 1
of 25.
Win32/IRCbot
Microsoft security software detects and removes this family of threats.
This family of backdoor trojans can download and install other malware on your PC. They can also give a malicious hacker access and control of your PC.
Alert level:
high
MSIL/IRCbot
Windows Defender detects and removes this threat.
See the Win32/IRCbot family description for more information.
Alert level:
severe
WinNT/IRCbot
WinNT/IRCbot is a generic detection for a component that may be utilized by other malware in order to provide stealth, thus hiding the malware's presence from the affected user. In the wild, we have observed WinNT/IRCbot being utilized by Worm:Win32/Synigh for this purpose.
Alert level:
high
Backdoor:Win32/IRCbot.gen!L
Backdoor:Win32/IRCbot.gen!L is a generic detection for a backdoor malware component that injects code into 'explorer.exe' to prevent the deletion of the main malware file.
Alert level:
severe
Backdoor:Win32/IRCbot.gen!U
Backdoor:Win32/IRCbot.gen!U is a generic detection for a trojan that allows unauthorized access and control of an affected machine by a remote attacker using IRC. After a computer is infected, the trojan connects to a specific IRC server and joins a specific channel to receive commands from an attacker. This particular detection may trigger on variants of several different IRC bot families, including Win32/Pushbot and Win32/Synigh.
Alert level:
severe
Backdoor:Win32/IRCBot.gen!K
Backdoor:Win32/IRCbot.gen!K is a generic detection for a family of IRC-controlled backdoor trojans. These may perform certain activities when commanded to do so by a remote attacker, such as downloading and executing arbitrary files and collecting system information.
Alert level:
severe
Backdoor:Win32/IRCbot.gen!V
Backdoor:Win32/IRCbot.gen!V is a generic detection for a trojan that allows unauthorized access and control of an affected machine by a remote attacker using IRC. After a computer is infected, the trojan connects to a specific IRC server and joins a specific channel to receive commands from an attacker. This particular detection may trigger on variants of several different IRC bot families, including Win32/Pushbot and Win32/Synigh.
Alert level:
severe
Backdoor:Win32/IRCbot.gen!T
Backdoor:Win32/IRCbot.gen!T is a generic detection which may detect several variants of families of IRC-controlled backdoors. These malware allow unauthorized access and control of an affected computer and may be used to perform certain activities when commanded to do so by the backdoor’s controller, such as downloading and executing arbitrary files, or collecting system information.
Variants of the following families of malware may be detected with this name:
Please see the related family or example variant descriptions elsewhere in this encyclopedia for more detailed information on these threats.
Alert level:
severe
Backdoor:Win32/IRCbot.gen!O
Backdoor:Win32/IRCbot.gen!O is a generic detection for a trojan that allows unauthorized access and control of an affected machine by a remote attacker using IRC. After a computer is infected, the trojan connects to a specific IRC server and joins a specific channel to receive commands from an attacker. This particular detection may trigger on variants of several different IRC bot families, including Win32/Pushbot and Win32/Synigh.
Alert level:
severe
Backdoor:Win32/IRCbot.gen!AA
Backdoor:Win32/IRCbot.gen!AA is a worm that allows backdoor access and control of your computer by a remote server.
Alert level:
severe
Backdoor:Win32/IRCbot.gen!S
Backdoor:Win32/IRCbot.gen!S is a generic detection for a number of variants of the Backdoor:Win32/IRCbot family. Backdoor:Win32/IRCbot is a family of backdoor trojans that allows unauthorized access and control of affected computers.
Alert level:
severe
Backdoor:Win32/IRCbot.gen!Z
Backdoor:Win32/IRCbot.gen!Z is a backdoor trojan that connects to an Internet Relay Chat (IRC) server and provides attackers with unauthorized access and control of your computer. It is a member of the Backdoor:Win32/IRCbot family of backdoor trojans.
Alert level:
severe
Backdoor:Win32/IRCbot.gen!M
Backdoor:Win32/IRCbot.gen!M is a generic detection for a backdoor trojan that allows unauthorized access and control of an affected computer. It connects to a remote IRC server in order to receive commands from an attacker.
Alert level:
severe
Backdoor:Win32/IRCbot.gen!N
Backdoor:Win32/IRCbot.gen!N is the generic detection for a backdoor trojan that modifies certain system settings, creates services, and connects to various servers to receive commands from a remote attacker.
Alert level:
severe
Backdoor:Win32/IRCbot.gen!X
Backdoor:Win32/IRCBot.gen!X is a backdoor that connects to an Internet Relay Chat (IRC) server and allows backdoor access and control to the affected computer.
Alert level:
severe
Backdoor:Win32/IRCbot.gen!Y
Backdoor:Win32/IRCbot.gen!Y is a bot that connects to an Internet Relay Chat (IRC) server and provides attackers with unauthorized access and control of your computer. It attempts to spread via removable drives and network shares, P2P (peer-to-peer) services and IM (instant messaging).
It is a member of the Backdoor:Win32/IRCbot family of bots.
Alert level:
severe