CURRENT THREAT W32/IRCbot.worm!MS05-039
High Risk
What is it?
A fast-spreading Internet Relay Chat (IRC) bot worm affecting systems worldwide, W32/IRCbot.worm!MS05-039 exploits a recently announced Microsoft operating system vulnerability to spread and possibly help a remote hacker control an infected system.
You can be infected simply by going online. Once infected, your system may continually reboot.
What you can do
make sure you have the latest virus definition updates installed and perating system patches.
How do I know if I've been infected
The virus copies itself to the Windows System directory (e.g. C:\Windows\System32\ on Windows XP) as WINTBP.EXE.
The file can be run automatically by exploiting the MS05-039 vulnerability or by a user directly executing the worm.
High Risk
What is it?
A fast-spreading Internet Relay Chat (IRC) bot worm affecting systems worldwide, W32/IRCbot.worm!MS05-039 exploits a recently announced Microsoft operating system vulnerability to spread and possibly help a remote hacker control an infected system.
You can be infected simply by going online. Once infected, your system may continually reboot.
What you can do
make sure you have the latest virus definition updates installed and perating system patches.
How do I know if I've been infected
The virus copies itself to the Windows System directory (e.g. C:\Windows\System32\ on Windows XP) as WINTBP.EXE.
The file can be run automatically by exploiting the MS05-039 vulnerability or by a user directly executing the worm.