Let’s clarify a few points on this computer risk. Backdoor:W32/Oscarbot.gen!A is a remote administration utility responsible for bypassing security mechanisms to secretly manage a computer. Next, oscarbot is identified as a backdoor program performing with the help of IRC.
|Name : Backdoor:W32/Oscarbot.gen!A|
|Detection Names : Backdoor.Win32.IRCBot|
|Aliases: Worm:Win32/Pushbot (Microsoft)
W32.IRCBot (Symantec), W32/Sdbot.worm (McAfee)
|Platform: W32 You need to reme|
Table 1.Details of the backdoor
Remember that oscarbot has the tendency to propagate through multiple vectors, like:
- Removable media for instance USB thumb drives
- Instant Messaging (IM) networks including AIM, MSN, ICQ and Triton
- Network shares
- Peer-to-Peer (P2P) networks like Edonkey2000, Morpheus, KAZAA, LimeWire, BearShare and Grokster.
Referring to installation, the Backdoor:W32/Oscarbot.gen!A will create a copy of itself in:
Also, oscarbot shows the following on execution:
In addition, the backdoor program tries to create the following Registry key aiming to automatically execute its copy in the Windows directory:
- SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Services = “service.exe”
The term malware is used to lump all computer threats together. Due to this reason be as technically sophisticated as you can to avoid being infected by Backdoor.Win32.IRCBot or other potential computer dangers.