Main Menu
Home
Bookmark
Contact Us



 
RDBot Worm Information

Name: RDBot
Category: Worm
Alias: - Alias: IRC-Worm.Fruit.b
Advice: Remove
Risk: Severe Risk Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine.
Description: A LSASS vulnerability worm, that propogates itself via network shares.

RDBot is used to steal passwords and product keys from a number of games and applications, can also terminate antivirus processes weakening your computer security. Some variants are known to contain keyloggers.

When infected RDBot will insert itself into the HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>Run with a variety of system security looking names.

RDbot will also add itself as a system service
further degrading the system stability.


Signatures: process: random.exe: MD5 Hash: 3f3cc8a5afba6933aca... process: suge.exe: MD5 Hash: 68c75fdc65147831499... process: random.exe: MD5 Hash: 6da7b4aa4cdeced4b0d... process: vjbczzxzs.exe: MD5 Hash: f0c6c8c8e27f0f679ad... process: msupdsrv.exe: MD5 Hash: 1ffda4c95f527b02d54... process: random.exe: MD5 Hash: 2684ffd69f8c210a07c... process: mszk.exe: MD5 Hash: babfbc267f213749ffc... process: msmacroprot32.exe: MD5 Hash: 081c6f1b809b8f32e3e... process: taksmgr.exe: MD5 Hash: ... process: taksmgr.exe: MD5 Hash: b2af1db87610ab9cfc9..
Type: Worm - Spyware's primary purpose is to collect demographic and usage information from your computer, usually for advertising purposes. Spyware usually that 'sneaks' onto a system or performs other activities hidden to the user. Spyware programs are usually bundled as a hidden component and downloaded from the Internet. These modules are almost always installed on the system secretively and try to run secretively as well.



Top Worm Visited Pages:
RDBot - Alias: Rdbot.xx variants, Spybot.xx, Sdbot.xx - 1097 visits
Rbot - Alias: Backdoor.Rbot.Gen - 585 visits
Wukill.mstray - Alias: Win32/HLLW.Wukill - 564 visits
SDBot - Alias: Wootbot.gen, Wootbot, Donk, spybot, Agobot - 468 visits
Trojan.Downloader.winstall - 243 visits
Worm.Brit.e - Alias: VBS/Chick.e@M virus - 242 visits
Gaobot - 201 visits
Win32/Darby.O - 185 visits
IRC.Worm.Pron - Alias: Pron.gen - 158 visits
Worm.P2P.SpyBot.gen - 120 visits

Random Worm Pages:
Worm.Upd.1161 - Alias: IRC-Worm.Upd.1161, MYouth.1161, UPD
Worm.Embrion - Alias: I-Worm.Kadr
Worm.Lee-based
Worm.Radix.b - Alias: W32/Grifout@MM
Worm.Trilissa.e
IRC.Worm.Wordsworth
Worm.P2P.Zaka.a - Alias: W32/Zaka.worm
Boobbed jpg worm - Alias: IRC-Worm.dmsetup.h
Worm.Stator.a - Alias: W32/Stator.A, W32/Stator@MM
Fruit worm - Alias: IRC-Worm.Fruit.b


 


2006-2008 spyware32.com - Privacy Policy