Rinbot.h is a worm that spreads through network shares protected by weak passwords. It can also propagate by exploiting remote security vulnerabilities of Symantec and Microsoft software. Once installed, the parasite runs a payload. It opens a back door providing the attacker with unauthorized remote access to the compromised computer. The intruder can download and execute files, terminate security-related processes, gather system and network information, steal registration details of installed software and update the worm. Rinbot.h can also run hidden web and FTP servers.
