Backdoor:Win32/Rbot.AJ

Detected by Microsoft Defender Antivirus

Aliases: Win32/Rbot.BRB (CA) Backdoor.Win32.Rbot.gen (Kaspersky) Backdoor:Win32/Rbot.gen!A (Microsoft) W32/Spybot.dam (Norman) W32/Rbot-Fam (Sophos) VIPRE.Suspicious (Sunbelt Software) W32.Spybot.Worm (Symantec) PE_Generic (Trend Micro)

Summary

Backdoor:Win32/Rbot.AJ is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.AJ may be detected as Backdoor:Win32/Rbot.gen!A.

Backdoor:Win32/Rbot.AJ may download and install additional malicious software, thus manual removal is not recommended. To detect and remove this Trojan and other malicious software that may have been installed, run a full-system scan with an up-to-date antivirus product such as the Microsoft Safety Scanner (http://go.microsoft.com/fwlink/?LinkId=212742). For more information, visit http://www.microsoft.com/athome/security/downloads/default.mspx

Backdoor:Win32/Rbot.AJ

Summary

What to do now

Technical information

Threat behavior

Prevention

Symptoms