Welcome to the Virus Encyclopedia of Panda Security.
It connects to an IRC server in order to receive remote control commands. It exploits the vulnerabilities LSASS, RPC DCOM and UPnP, in order to spread to as many computers as possible.
IrcBot.AIV is a worm that connects to several IRC servers in order to receive remote control commands, acting as a backdoor. It can be instructed to download files, execute commands, list processes, etc.
Additionally, IrcBot.AIV installs its own FTP (File Transfer Protocol) server on the affected computer in order to spread to other systems.
IrcBot.AIV uses different means to spread:
It is highly recommendable to download the security patches for the vulnerabilities LSASS, RPC DCOM and UPnP from the Microsoft website.
IrcBot.AIV is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.
ARE YOU FACING ANY PC OR INTERNET RELATED PROBLEMS? FREE SUPPORT INCLUDED. CALL US 24/7
powered by Anytech365