Gaobot.EYP is a worm with backdoor characteristics that allows hackers to gain remote control over the affected computer and carry out actions such as command execution, download and execute files, log keystrokes, obtain different information on the computer, launch distributed denial of service (DDoS) attacks, etc.
Gaobot.EYP also ends processes belonging to several security tools, such as antivirus programs and firewalls, among others. This leaves the affected computer vulnerable to the attack of other malware.
Additionally, it ends other processes, belonging to other worms.
Gaobot.EYP uses different means to spread:
It makes copies of itself in the shared network resources it accesses to.
It exploits the LSASS, RPC DCOM, WINS and Workstation Service Buffer Overrun vulnerabilities to spread across the Internet.
It can access computers with the application SQL Server installed, and whose SA (System Administrator) account password is blank.
It is highly recommendable to download the security patches for the LSASS, RPC DCOM, WINS and Workstation Service Buffer Overrun vulnerabilities from the Microsoft website.