Microsoft Security Intelligence
500 entries found. Displaying page 1 of 25.
Updated on Oct 07, 2008
Alert level: severe
Updated on Apr 11, 2011
Backdoor:Win32/Rbot.BO is a member of Win32/Rbot - a large family of IRC-controlled backdoors that allow unauthorized access and control of an affected computer. Using this backdoor, an attacker can perform a large number of different actions on an affected computer, including downloading and executing arbitrary files, stealing sensitive information and spreading to other computers using various methods.
Alert level: severe
Updated on Jun 05, 2005
TrojanDownloader:Win32/Bagle.BO.dll is a Trojan that targets computers running certain versions of Microsoft Windows. This Trojan is dropped by TrojanDropper:Win32/Bagle.BO and other TrojanDropper:Win32/Bagle variants. It is injected into the explorer.exe process when Windows starts.
Alert level: severe
Updated on Jun 21, 2011
VirTool:JS/Obfuscator are detections for programs that have had their purpose obfuscated to hinder analysis or detection by anti-virus scanners. They commonly employ a variety of techniques such as encryption.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Hamweq.BO is a worm that spreads via removable drives, such as USB memory sticks. It contains an IRC-based backdoor, which may be used by a remote attacker to order the affected machine to participate in Distributed Denial of Service attacks, or to download and execute arbitrary files.
Alert level: severe
Updated on Aug 31, 2011
Exploit:Java/CVE-2010-0840.BO is a detection for a malicious Java applet trojan that exploits a vulnerability described in CVE-2010-0840. Successful exploitation may lead to the downloading and execution of arbitrary files under the user's security context.
Alert level: severe
Updated on Jul 14, 2015

Windows Defender detects and removes this threat.

This threat can steal your online user names and passwords.

It can arrive on your PC as a malicious spam email attachment.

Alert level: severe
Updated on Nov 30, 2014

Windows Defender detects and removes this threat.

It can give a remote malicious hacker access to your PC. 

This virus spreads through infected networks and removable drives such as floppy disks, USB sticks, or flash card readers.

See the Win32/Virut family description for more information.

Alert level: severe
Updated on Jul 16, 2015

Windows Defender detects and removes this threat.

This threat can download other malware onto your PC, such as variants of Win32/Zbot, Win32/Vawtrak, Win32/Evotob and Win32/Dyzap.

It can be installed by other malware. We have seen it arrive as an attachment to spam that is distributed by the Win32/Cutwail and Win32/Hedsen families.

See the Win32/Upatre family description for more information.

Alert level: severe
Updated on Apr 11, 2011
TrojanSpy:Win32/Ursnif.BO is a trojan that steals sensitive information from an affected machine.
Alert level: severe
Updated on Apr 11, 2011
PWS:Win32/Zbot.BO is a password stealing trojan. Win32/Zbot also contains backdoor functionality that allows unauthorized access and control of an affected machine.
Alert level: severe
Updated on Feb 29, 2012
Worm:Win32/Nuqel.BO is a worm - a self-propagating program that can spread itself from one computer to another. Worms may spread themselves via a variety of different channels in order to compromise new computers. Commonly, worms may spread directly by copying themselves to removable or network drives, or by attempting to exploit particular vulnerabilities on targeted computers. Worms also often attempt to spread via platforms that require user interaction in order to run. They may send themselves as an attachment to an email or an instant message, or send a link to a copy of themselves in the body of a message. In these cases the message needs to be convincing enough to encourage the victim to click on the link or attachment and run or download a copy of the worm.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Autorun.BO is a worm that may drop a backdoor trojan (identified as Backdoor:Win32/Bifrose.gen!A) and connect with remote Web sites.
Alert level: severe
Updated on Nov 30, 2006
TrojanDropper:Win32/Bagle.BO is a Trojan that targets computers running certain versions of Microsoft Windows. The dropper spreads as an e-mail attachment sent by an attacker. When a user opens the attachment, TrojanDropper:Win32/Bagle.BO installs itself on the computer and drops TrojanDownloader:Win32/Bagle.BO.dll.
Alert level: severe
Updated on Jul 28, 2010
VirTool:Win32/CeeInject.gen!BO is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level: severe
Updated on May 27, 2010
Trojan:Win32/DelfInject.gen!BO is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level: severe
Updated on Jan 24, 2017

Windows Defender detects and removes this threat.

This threat uses vulnerabilities in recent versions of Internet Explorer, Microsoft Silverlight, Adobe Flash Player, and Java to install malware on your PC.

It can be installed when you visit a malicious or hacked website, or click a malicious link in an email.

See the Exploit:JS/Axpergle family description for more information.

To learn more about how this threat is being used by cybercriminals, read: Exploit kits remain a cybercrime staple against outdated software – 2016 threat landscape review series

Alert level: severe
Updated on Apr 11, 2011
VirTool:Win32/VBInject.gen!BO is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level: severe
Updated on Aug 17, 2011
VirTool:Win32/Injector.gen!BO is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.
Alert level: severe
Updated on Apr 11, 2011
Worm:Win32/Slenfbot.BO is a worm that can spread via MSN Messenger. The worm also contains backdoor functionality that allows unauthorized access to an affected machine. This worm does not spread automatically upon installation, but must be ordered to spread by a remote attacker.
Alert level: severe