Worm.Rbot.AATS
Worm.Rbot.AATS is a network-aware worm that may attempt to replicate across an existing network. Worm.Rbot.AATS has been found to produce outbound traffic and can also download unknown files from the Internet. Worm.Rbot.AATS may create a startup registry entry that contains the characteristics of a severe security risk and should be promptly removed from the infected system.
Aliases
BackDoor-EFI (McAfee)
Mal/Generic-E (Sophos)
TrojanDropper:Win32/Agent.BAD (Microsoft)
Win32/IRCBot.worm.variant (AhnLab)
Mal/Generic-E (Sophos)
TrojanDropper:Win32/Agent.BAD (Microsoft)
Win32/IRCBot.worm.variant (AhnLab)
File System Modifications
- The following files were created in the system:
# File Name 1 %System%\cmd.exe 2 %System%\mmc.exe 3 %System%\taskmgr.exe 4 %Windir%\system.ini
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.