Home Malware Programs Backdoors BKDR_IRCBOT.DAM


Posted: October 28, 2011

BKDR_IRCBOT.DAM is a Trojan that distributes itself in the form of a supposed video clip of Muammar Gaddafi's death. Unlike other Trojans that utilize similar scams like BKDR_EXDEPH.A, BKDR_IRCBOT.DAM doesn't even pretend to offer any real media content once you've opened BKDR_IRCBOT.DAM. Instead of receiving a movie clip, your PC will unwittingly embrace an installation of the backdoor Trojan BKDR_IRCBOT.DAM, a security-reaming Trojan that can be responsible for theft of personal information, the installation of other types of PC threats and even total loss of control over your computer. If you've attempted to view a movie file from an e-mail message and haven't found a movie nestled inside the file, you may need to delete BKDR_IRCBOT.DAM with a dependable anti-malware application before BKDR_IRCBOT.DAM has time to ramp up serious attacks.

BKDR_IRCBOT.DAM – Just One of Many Trojans Making Money Out of Dictatorial Demise

As is also the case with BKDR_EXDEPTH.A and Mal/Behav-103, BKDR_IRCBOT.DAM spreads through the web with a little help from spam e-mail messages. A BKDR_IRCBOT.DAM e-mail can be recognized by appearing in the form of a fake CNN newsletter, although, so far, only Spanish-language versions of this e-mail have been seen. This fraudulent newsletter contains the CNN logo and overall looks believable save for the inclusion of a 'Video-Gadhafi.mpeg.exe' file attachment. Of course, although the e-mail message will claim that this file is a video clip, in reality, it's the backdoor Trojan BKDR_IRCBOT.DAM.

As its name implies, BKDR_IRCBOT.DAM uses IRC server communication to receive files and instructions, and is, at a minimum, capable of the following attacks:

  • Bypassing your security-related software and settings to allow itself to have unimpeded network traffic. This can include uploading your private information or downloading malicious files.
  • Updating itself to enhance its own features on an automatic basis.
  • Installing hostile programs, such as spyware, viruses or fake PC security applications.
  • Deleting some of its files after performing hostile actions (to make it difficult to detect or remove a BKDR_IRCBOT.DAM infection).

Letting the Dead and Your PC Rest in Peace from BKDR_IRCBOT.DAM Attacks

SpywareRemove.com malware analysts always recommend that you act hastily to delete any backdoor infection, and that includes deleting BKDR_IRCBOT.DAM as soon as possible. Failure to do this can cause your passwords to be stolen, your accounts to be hijacked, or your PC to be misused for DDoS crimes, as just a few examples of BKDR_IRCBOT.DAM's possible payloads. You should also assume that BKDR_IRCBOT.DAM is active, unless you've used Safe Mode or another method of deactivating BKDR_IRCBOT.DAM; this can cause anti-malware system scans to fail.

Safe Mode, however, can be accessed on any Windows computer and allows your PC to shut down BKDR_IRCBOT.DAM's automatic startup routine with minimal fuss. SpywareRemove.com malware experts also recommend that you update your anti-malware program of choice, if necessary, since this may be critical to identifying all components of a BKDR_IRCBOT.DAM infection. Afterwards, you may wish to double-check your firewall and network settings to make sure that they aren't still set to unsafe values.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to BKDR_IRCBOT.DAM may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

Video-Gaddafi.mpeg.exe File name: Video-Gaddafi.mpeg.exe
File type: Executable File
Mime Type: unknown/exe