backdoor.agobot.ge
Webroot Antivirus: The best protection against viruses, spyware data theft and hackers.
Description:
Details
Backdoor.Agobot.gen
This is a classical backdoor and allows a 'master' to control the victim machine remotely by sending commands via IRC channels.
Installation
Agobot copies itself into the Windows directory under random names and then registers itself in the system registry auto-run keys:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
Manifestations
Agobot connects to various IRC servers opening channels identified in the body of the worm. It is then ready to receive commands from the 'master', who can now download and launch files on the victim machine, scan other computers for vulnerabilities and install itself on these vulnerable machines.
Copyright @2006 backdoor.agobot.ge