More specifically because, in the world of today a lot of websites that you visit attempt to install a backdoor onto your system. Consequently, your system becomes sluggish. If, having analyzed all the symptoms of your computer you are confident that something malicious occurred, it is possible that you have come across Backdoor:W32/Oscarbot.gen!A.
Let’s clarify a few points on this computer risk. Backdoor:W32/Oscarbot.gen!A is a remote administration utility responsible for bypassing security mechanisms to secretly manage a computer. Next, oscarbot is identified as a backdoor program performing with the help of IRC.
| Name : Backdoor:W32/Oscarbot.gen!A | |
| Detection Names : Backdoor.Win32.IRCBot | |
| Aliases: Worm:Win32/Pushbot (Microsoft) W32.IRCBot (Symantec), W32/Sdbot.worm (McAfee) |
|
| Category: Malware | |
| Type: Backdoor | |
| Platform: W32 You need to reme |
Table 1.Details of the backdoor
Remember that oscarbot has the tendency to propagate through multiple vectors, like:
- Removable media for instance USB thumb drives
- Instant Messaging (IM) networks including AIM, MSN, ICQ and Triton
- Network shares
- Peer-to-Peer (P2P) networks like Edonkey2000, Morpheus, KAZAA, LimeWire, BearShare and Grokster.
Referring to installation, the Backdoor:W32/Oscarbot.gen!A will create a copy of itself in:
- %windir%\service.exe
Also, oscarbot shows the following on execution:
In addition, the backdoor program tries to create the following Registry key aiming to automatically execute its copy in the Windows directory:
- SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Services = “service.exe”
The term malware is used to lump all computer threats together. Due to this reason be as technically sophisticated as you can to avoid being infected by Backdoor.Win32.IRCBot or other potential computer dangers.
Resources:
Wikipedia on backdoors
Summary on the backdoor
Report on the threat