Welcome to the Virus Encyclopedia of Panda Security.
It connects to an IRC server in order to receive remote control commands and downloads the Trojan detected as Spammer.ZV in the affected computer. It exploits the vulnerabilities LSASS and RPC DCOM, in order to spread to as many computers as possible, among other means of transmission.
|First detected on:||March 2, 2007|
|Detection updated on:||March 5, 2007|
|Yes, using TruPrevent Technologies
Rinbot.B is a worm that connects to an IRC servers in order to receive remote control commands, which allow its author to gain total control over the affected computer.
Additionally, it downloads the Trojan detected as Spammer.ZV in the affected computer.
Rinbot.B uses several different means to spread:
- Across the Internet by exploiting the vulnerabilities LSASS and RPC DCOM.
- Across networks.
- Via mapped drives.
- Through storage devices connected via USB.
It is highly recommendable to download the security patches for the vulnerabilities LSASS and RPC DCOM from the Microsoft website.
Rinbot.B is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.