Virus type: Worm
Destructive: No
Aliases: W32.HLLW.Gaobot.gen, Win32.HLLW.Agobot, Worm/Agobot
Description:
This memory?resident malware has both worm and backdoor capabilities.
Like earlier AGOBOT variants, this worm also exploits the following Windows vulnerabilities to propagate across the network:
Remote Procedure Call (RPC) Distributed Component Object Model (DCOM) vulnerability on Windows 2000 and XP
RPC locator vulnerability on Windows NT, 2000, and XP
Buffer Overrun vulnerability in IIS 5.0/WebDav
Additional information regarding these vulnerabilities are available at the following Microsoft pages:
Microsoft Security Bulletin MS03-026
Microsoft Security Bulletin MS03-001
Microsoft Security Bulletin MS03-007
It also performs the following malicious tasks:
Connect to an Internet Relay Chat (IRC) channel and wait for commands from a remote user
Terminate several antivirus and security programs, and system files
Steal the Windows Product ID and CD Keys of many popular games
Terminate the processes of other malware
This UPX-compressed worm runs on Windows 2000 and XP.
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_AGOBOT.AV

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic