1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content




Backdoor:W32/IRCBot

Detection Names : Win32.IRCBot, W32/IRCBot
Category:Malware
Type:Backdoor
Platform:W32

Summary

A remote administration utility which bypasses normal security mechanisms to secretly control a program, computer or network.

Disinfection


Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.

Additional Details

The detection name Backdoor:W32/IRCBot is used to identify a member of a large group of programs that install a backdoor on an infected machine.

The backdoor will then log onto Internet Relay Chat (IRC), the popular instant messaging (IM) system. It may then act as an IRCBot, a type of "bot" that an attacker can control from a modified IRC client.

IRCBots can be used for a variety of malicious actions, such as controlling backdoors or botnets. Backdoors allow a remote attacker to control an infected machine, while botnets can be used to harness a the collective resources of infected machines to perform more resource-intensive actions, such as sending out massive quantities of spam or launching major Denial of Service (DoS) attacks.

Examples: