What is Global Threat Bot (GTbot)?
The Global Threat Bot, commonly known as GTbot, is an IRC bot and backdoor Trojan. The GTbot is mIRC based and spreads when a user is tricked into downloading what appears to be a software utility (e.g. a disk cleaner).
GTbot is also known as Aristotle or IRC Trojan Aristotles.
After a computer is infected with GTbot, the trojan executes a stealth mIRC client without the knowledge of the user. The attacker could then obtain information about the infected computer and launch a Denial-of-Service (DoS) attack on the infected computer.
Popular filenames for GTbot are: temp.exe, miri.inc, script.inl, temp.scr, and WHVLXD.DAT.