W32/Rbot-ABV is a Windows network worm which attempts to spread via network shares. The worm contains backdoor functions that allows unauthorised remote access to the infected computer via IRC channels while running in the background.
The worm spreads to network shares with weak passwords and also by using the LSASS security exploit (MS04-011) and the WKS security exploit (MS03-049).
The following patches for the operating system vulnerabilities exploited by W32/Rbot-ABV can be obtained from the Microsoft website:
Troj/Agent-DQ is a Windows DLL downloader helper component.
Once installed, the Trojan provides functionality to allow the installer application to:
silently download files from the internet and run them
create registry entries to allow the installer application to run itself on user logon
receive and send HTTP requests without user notification
modify internet settings