Intrusion Prevention

AA.bot.Botlist.File.Access

Description

This threat is an HTTP request, from a host with aa.bot installed, for a file used to track the spread of aa.bot. By logging the attempts to access this file, the creator of the bot can have a reasonable idea of how many systems the bot has infected. The bot pulls the file down via HTTP.

Affected Products

Any system may be vulnerable.

Impact

aa.bot is installed on the system.
Collect information.

Recommended Actions

Use antivirus software to scan and clean the system.