Welcome to the Virus Encyclopedia of Panda Security.
It connects to an IP address in order to receive remote control commands. It ends several processes belonging to other malware. It spreads across the Internet by exploiting the Plug and Play vulnerability.
|First detected on:||Aug. 17, 2005|
|Detection updated on:||Jan. 14, 2006|
|Yes, using TruPrevent Technologies
|Repair utility:||Panda QuickRemover|
IRCbot.KD is a worm that connects to a certain IP address, acting as a backdoor.
Additionally, it ends several processes belonging to other malware such as previous variants of Zotob and IRCbot, among others.
IRCbot.KD spreads across the Internet, by exploiting the Plug and Play vulnerability.
If you have a Windows 2003/XP/2000 computer, it is highly recommendable to download the security patch for the Plug and Play vulnerability from the Microsoft website.
Click on the picture below to see a full-size diagram of the characteristics of IRCbot.KD and how to protect your computer against them.
IRCbot.KD is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.