|W32.IRCBot.F is a backdoor Trojan horse that connects to an IRC server and waits for commands from an attacker.
Allows unauthorized remote access to an infected computer.
Deletes the shares from local drives.
Connects to the IRC server tehr8x.spbx.net using TCP port 6667.
Joins a predefined channel, using a random nickname, and waits for commands from the IRC server.
These commands can allow the attacker to:
- Manage the installation of the Trojan
- Control the IRC client on a compromised computer
- Update the installed Trojan
- Send the Trojan to other IRC channels
- Download and execute files
- Perform Denial of Service (DoS) attacks against a target, which the hacker defines
- Uninstall itself completely by removing the relevant registry entries
- Go to Web sites
- Copy itself to shared folders on other computers
- Steal license keys for predefined games
- Terminate processes
Use antivirus (also check How To Remove section)Startup Optimizer to remove it from startup.