Welcome to the Virus Encyclopedia of Panda Security.
It connects to an IRC channel and waits for remote control commands. It allows to run files, hide active processes, etc.
|First detected on:||May 31, 2004|
|Detection updated on:||Feb. 7, 2005|
|Yes, using TruPrevent Technologies
Protoride.gen is not an specific worm, but a generic detection for future variants of the Protoride family. This group of worms has the following common characteristics:
- They spread across networks, by copying themselves to the shared resources they gain access to.
- They connect to an IRC channel trough port 6667 and wait for remote control commands. They can download and execute files, hide active processes, uninstall themselves, etc.
- They modify an entry from the Windows Registry. This means that all the files with an EXE extension can not be executed. By doing so, the applications in the affected computer can not be used.
Protoride.gen is difficult to recognize, as it does not show any messages or warnings that indicate it has reached the computer.
However, if some applications cannot be run, it may mean that Protoride.gen has reached your computer.