Backdoor:Win32/Rbot.V is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan can spread by copying itself to network shares and by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. Backdoor:Win32/Rbot.V connects to an IRC server to receive commands from attackers.

Backdoor:Win32/Rbot.M is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan can spread by copying itself to network shares and by exploiting the Windows DCOM RPC vulnerability described in Microsoft Security Bulletin MS03-026. Backdoor:Win32/Rbot.M connects to an IRC server to receive commands from attackers.

Backdoor:Win32/Flux.I is a trojan that injects itself into the explore.exe and iexplore.exe processes, and attempts to connect to a pre-designated Web site on TCP port 8080.

Backdoor:Win32/Poebot is a family of backdoor trojans that allow remote attackers to control infected computers. After a computer is infected, the trojan connects to a specific IRC server and joins a specific channel to receive commands from attackers. Commands can instruct the trojan to spread to other computers by scanning for network shares with weak passwords, exploiting unpatched vulnerabilities, and spreading through backdoor ports opened by other families of malicious software. The trojan can also allow attackers to perform other backdoor functions, such as launching denial of service (DoS) attacks and retrieving system information from infected computers. In addition, the trojan may be used to steal CD keys and licensing credentials for various online games.

VirTool:WinNT/Haxdoor.B is a kernel-mode rootkit-enabled Trojan that allows remote control of the infected machine over the Internet. The Trojan contains instructions that allow it to disable certain antivirus programs and firewall applications, log keystrokes, allow remote connections, lower security settings or perform other unwanted actions. VirTool:WinNT/Haxdoor.B gathers user and system information and sends it to a third party.

Worm:Win32/Moriogu.A is a worm that spreads via network drives. It also modifies various system settings, including the system boot menu.

Backdoor:Win32/VB.CCB is a worm that spreads via network drives. It also modifies various system settings, including the system boot menu.

Backdoor:Win32/Qakbot.gen!A is a generic detection for a trojan backdoor that connects to a remote server, allowing an attacker to access the infected system. By allowing remote access, this backdoor trojan can perform several actions including stealing information and logging user keystrokes. Some variants of this malware may attempt to spread to open shares across a network, including the default shares C$ and Admin$.

Backdoor:Win32/Berbew.A is a backdoor Trojan that downloads to a computer using another downloader Trojan that is sent through e-mail. Backdoor:Win32/Berbew.A retrieves locally cached passwords and sends them to a Web site. It also opens certain ports.

Backdoor:Win32/Berbew.B is a backdoor Trojan that downloads to a computer by another downloader Trojan that is sent in e-mail. Backdoor:Win32/Berbew.B retrieves locally cached password and sends them to a Web site. The Trojan opens certain ports.