|W32/Agobot-LT is an IRC backdoor Trojan which establishes a connection to a remote server.
The Trojan may be able to spread using network shares using weak passwords if instructed so by the attacker.
When the Trojan infects a computer, it may send a notification message to the attacker containing the IP address of the infected computer.
It may attempt to terminate anti-virus and firewall related processes, in addition to other viruses, worms or Trojans.
Changes the text file named HOSTS which may contain a list of anti-virus and other security-related websites each bound to the IP loopback address of 127.0.0.1 which would effectively prevent access to these sites.
Can sniff HTTP, VULN, ICMP, FTP and IRC network traffic and steal data from them.
Can also be used to initiate denial-of-service (DoS) and distributed denial-of-service (DDoS) synflood / httpflood / fraggle / smurf etc attacks against remote systems.
This Trojan may steal the Windows Product ID and AOL Instant Messenger Product ID and keys from several computer applications or games.
Remove this worm by using antivirus (also check How To Remove section)Startup Optimizer.