Backdoor:Win32/Rbot.MC is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan connects to an IRC server from the infected computer to receive commands from attackers. These commands can include copying the Trojan to other computers through network shares with weak passwords, through backdoor ports opened by other malicious software, or through the Windows Plug-and-Play vulnerability described in Microsoft Security Bulletin MS05-039.

Backdoor:Win32/Rbot.AV is a backdoor Trojan that connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.FN is a backdoor Trojan that runs in the background, gathers software installation and computer configuration details, and connects to an IRC server to receive commands from remote attackers. Commands could include instructions to spread to other computers via open network shares or by exploit of a security vulnerability, or to launch a denial of service (DoS) attack against specified targets.

Backdoor:Win32/Rbot.KP is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan can spread by copying itself to network shares and by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. Backdoor:Win32/Rbot.KP connects to an IRC server to receive commands from attackers.

Backdoor:Win32/Rbot.KV is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan can spread by copying itself to network shares and by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. Backdoor:Win32/Rbot.KV connects to an IRC server to receive commands from attackers.

Backdoor:Win32/Rbot.KI is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan can spread by copying itself to network shares and by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. Backdoor:Win32/Rbot.KI connects to an IRC server to receive commands from attackers.

Backdoor:Win32/Rbot.KJ is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan can spread by copying itself to network shares and by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. Backdoor:Win32/Rbot.KJ connects to an IRC server to receive commands from attackers.

Backdoor:Win32/Rbot.KL is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan can spread by copying itself to network shares and by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. Backdoor:Win32/Rbot.KL connects to an IRC server to receive commands from attackers.

Backdoor:Win32/Rbot.KB is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan can spread by copying itself to network shares and by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. Backdoor:Win32/Rbot.KB connects to an IRC server to receive commands from attackers.

Backdoor:Win32/Rbot.EN is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan connects to an IRC server to receive commands from attackers. This can include commands to spread to network shares and exploit the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026.

Backdoor:Win32/Rbot.LM is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan can spread by copying itself to network shares and by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. Backdoor:Win32/Rbot.LM connects to an IRC server to receive commands from attackers.

Backdoor:Win32/Rbot.DZ is a backdoor Trojan that targets computers running certain versions of Microsoft Windows. The Trojan can spread by copying itself to network shares and by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS03-26 and MS04-011. The Trojan connects to an IRC server from an infected computer to receive commands from attackers.

Backdoor:Win32/Rbot.EB is a backdoor trojan that spreads by copying exploiting the vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. Backdoor:Win32/Rbot.EB connects to an IRC server from the infected computer and accepts commands remote from attackers.

Backdoor:Win32/Rbot.JH is a backdoor trojan that spreads by copying itself to network shares with weak passwords and by exploiting the Windows vulnerabilities described in Microsoft Security Bulletins MS04-011 and MS03-026. Backdoor:Win32/Rbot.JH connects to an IRC server from the infected computer to receive commands from attackers.

Backdoor:Win32/Optix.W is a highly configurable backdoor Trojan that allows an attacker to control an infected computer remotely. It can also release system information to an attacker and disable security-related software and other programs. 

Backdoor:Win32/Hupigon is the main backdoor component of Win32/Hupigon, a family of backdoor Trojans. TrojanDropper:Win32/Hupigon registers this component as a service. The service then opens a backdoor server that allows other computers to connect to and control the infected computer in various ways.

Win32/Haxdoor is a family of rootkit-capable backdoor trojans which gather and send private user data to remote attackers. Collected data might include user names and passwords, credit card numbers, bank logon credentials, or other sensitive financial information. Files and processes related to a Win32/Haxdoor infection may be hidden by a kernel-mode rootkit component, detected by Microsoft as WinNT/Haxdoor. Win32/Haxdoor can also disable security-related software and redirect the infected user’s URL connection requests. Depending on the version of the operation system infected, Win32/Haxdoor may perform other malicious actions, such as clearing CMOS settings, destroying disk data, and shutting down Windows unexpectedly.