Gaobot
Gaobot is a worm that spreads through several methods such as open network shares, backdoors in which the Beagle and Mydoom worms install, and the following Windows vulnerabilities:
DCOM RPC Vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135.
Workstation Service Buffer Overrun Vulnerability (described in Microsoft Security Bulletin MS03-049) using TCP port 445. Windows XP users are protected against this vulnerability if Microsoft Security Bulletin MS03-043 has been applied. Windows 2000 users must apply MS03-049.
Exploitation of Microsoft Windows Local Security Authority Service Remote Buffer Overflow (described in Microsoft Security Bulletin MS04-011).
The Gaobot worm maliciously attempts to block security programs on the users PC. Gaobot also has the ability to attack other systems by acting as a backdoor server program.
Table of Contents
Aliases
6 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| Sophos | Mal/HckPk-A |
| Prevx1 | Malware:Gaobot.B |
| Panda | Suspicious file |
| Microsoft | Trojan:Win32/SystemHijack.gen |
| eSafe | suspicious Trojan/Worm |
| AntiVir | TR/Crypt.ULPM.Gen |
SpyHunter Detects & Remove Gaobot
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | explore.exe | 0007deb0315ac62b81f3eb10d71166ba | 0 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.