Welcome to the Virus Encyclopedia of Panda Security.
It connects to an IRC server in order to receive remote control commands and downloads the Trojan detected as Spammer.ZV in the affected computer. It exploits the vulnerability SQL and a vulnerability in Symantec, in order to spread to as many computers as possible, among other means of transmission.
|First detected on:||March 7, 2007|
|Detection updated on:||March 7, 2007|
|Yes, using TruPrevent Technologies
Rinbot.H is a worm that connects to an IRC server in order to receive remote control commands, which allow its author to gain total control over the affected computer.
Additionally, it downloads the Trojan detected as Spammer.ZV in the affected computer.
Rinbot.H uses several different means to spread:
- Across the Internet by exploiting the vulnerability SQL and a vulnerability in Symantec.
- Across networks.
- Via mapped drives.
- Through storage devices connected via USB.
It is highly recommendable to download the security patch for the vulnerability SQL from the Microsoft website.
Rinbot.H is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.>