Content deleted Content added
122.165.254.34 (talk) |
122.165.254.34 (talk) No edit summary |
||
Line 2: | Line 2: | ||
'''Backdoor.Win32.IRCBot''' (also known as '''W32/Poebot-JT''', '''W32/Backdoor.NYG''', '''Win32/IRCBot.TS''', and '''W32/Gaobot.worm.gen.e'''<ref name ="cpu">[http://www.expresscomputeronline.com/20061030/technology03.shtml Express Computer Online: Sophos reports W32/Poebot-JT] Retrieved January 2, 2008</ref>) is a [[Backdoor (computing)|backdoor]] [[computer worm]] that is spread through [[MSN Messenger]] and [[Windows Live Messenger]] by downloading photo album.zip from someone.<ref name="Seattle">[http://seattletimes.nwsource.com/html/businesstechnology/2003107486_bizbriefs06.html Seattle Times: Worm pretends it's Windows program] Retrieved January 2, 2008</ref> Once [[installed]] on a [[personal computer|PC]], the worm copies itself into a Windows [[system folder]], creates a new file displayed as "Windows Genuine Advantage Validation Notification" and becomes part of the computer's automatic [[Booting|startup]].<ref name="Seattle" /> It provides a backdoor [[Server (computing)|server]] and allows a remote intruder to gain access and control over the computer via an [[Internet Relay Chat]] channel.<ref name="cpu" /> This allows for confidential information to be transmitted to a [[Hacker (computer security)|hacker]].<ref>[http://www.net-security.org/secworld.php?id=4574 Net-Security: Search engine vulnerabilities a major factor in proliferation of malware infections] Retrieved January 2, 2008</ref> |
'''Backdoor.Win32.IRCBot''' (also known as '''W32/Poebot-JT''', '''W32/Backdoor.NYG''', '''Win32/IRCBot.TS''', and '''W32/Gaobot.worm.gen.e'''<ref name ="cpu">[http://www.expresscomputeronline.com/20061030/technology03.shtml Express Computer Online: Sophos reports W32/Poebot-JT] Retrieved January 2, 2008</ref>) is a [[Backdoor (computing)|backdoor]] [[computer worm]] that is spread through [[MSN Messenger]] and [[Windows Live Messenger]] by downloading photo album.zip from someone.<ref name="Seattle">[http://seattletimes.nwsource.com/html/businesstechnology/2003107486_bizbriefs06.html Seattle Times: Worm pretends it's Windows program] Retrieved January 2, 2008</ref> Once [[installed]] on a [[personal computer|PC]], the worm copies itself into a Windows [[system folder]], creates a new file displayed as "Windows Genuine Advantage Validation Notification" and becomes part of the computer's automatic [[Booting|startup]].<ref name="Seattle" /> It provides a backdoor [[Server (computing)|server]] and allows a remote intruder to gain access and control over the computer via an [[Internet Relay Chat]] channel.<ref name="cpu" /> This allows for confidential information to be transmitted to a [[Hacker (computer security)|hacker]].<ref>[http://www.net-security.org/secworld.php?id=4574 Net-Security: Search engine vulnerabilities a major factor in proliferation of malware infections] Retrieved January 2, 2008</ref> |
||
== |
== External links == |
||
* [http://www.srnmicro.com/virusinfo/bck02084.htm Backdoor.Win32.IRCBot removal instructions from Solo Antivirus Software] |
* [http://www.srnmicro.com/virusinfo/bck02084.htm Backdoor.Win32.IRCBot removal instructions from Solo Antivirus Software] |
||
== References == |
|||
{{reflist}} |
{{reflist}} |
Revision as of 06:48, 9 August 2009
Backdoor.Win32.IRCBot (also known as W32/Poebot-JT, W32/Backdoor.NYG, Win32/IRCBot.TS, and W32/Gaobot.worm.gen.e[1]) is a backdoor computer worm that is spread through MSN Messenger and Windows Live Messenger by downloading photo album.zip from someone.[2] Once installed on a PC, the worm copies itself into a Windows system folder, creates a new file displayed as "Windows Genuine Advantage Validation Notification" and becomes part of the computer's automatic startup.[2] It provides a backdoor server and allows a remote intruder to gain access and control over the computer via an Internet Relay Chat channel.[1] This allows for confidential information to be transmitted to a hacker.[3]
External links
References
- ^ a b Express Computer Online: Sophos reports W32/Poebot-JT Retrieved January 2, 2008
- ^ a b Seattle Times: Worm pretends it's Windows program Retrieved January 2, 2008
- ^ Net-Security: Search engine vulnerabilities a major factor in proliferation of malware infections Retrieved January 2, 2008