|
|
Rbot.sysdll32 Trojan Information
| Name: |
Rbot.sysdll32 |
| Category: |
Trojan |
| Alias: |
- Alias: QZap134, RickDogg, Trojan.RickDogg |
| Advice: |
Remove |
| Risk: |
Severe Risk
Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine. |
| Description:
|
Rbot.sysdll32 is an IRC Trojan Bot.
scvchost.exe
Attacks other hosts on port 135
Connects to IRC server @ 38.119.227.110:6667
sysdll32.exe
Attacks other hosts on port 445
Connects to IRC server @ 206.62.134.66:32440
|
| Signatures:
|
process: scvchost.exe: MD5 Hash: 4cfefc817666dea7bc6...
process: sysdll32.exe: MD5 Hash: a074dcff79aa8a0dc51.. |
| Type: |
Trojan - A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy. |
Top Trojan Visited Pages:
Tro.Downloader.loadadv - 408 visits
Enable Regedit - 191 visits
Java.ClassLoader.Dummy.d - 182 visits
Trojan.BankerSpy - 176 visits
RBot.steam - 85 visits
Startup.NameShifter.Xgtray - 76 visits
Tro.Bagle.SP - 58 visits
Trojan.BHO.NameShifter.EZ - 54 visits
LRPatch Trojan - 54 visits
Tro.YourStartingPage - 53 visits
Random Trojan Pages:
Trojan.Startup.Nameshifter.mfckk
Startup.NameShifter.Xgtray
Trojan.BHO.NameShifter.DP
Startup.NameShifter.KL
See The World
Fluxay 0.4 - Alias: Fluxay
Diesel - Alias: BackDoor-AAZ trojan, BackDoor-AAZ, Backdoor.Diesel, Backdoor.Diese
RBot.rsms
EasyTroj Trojan - Alias: QDel212, Trojan.DelFiles.a
QFat34 Trojan - Alias: QZap134, RickDogg, Trojan.RickDogg
|
|
