TechSpot

Virus Alert

By etones
Aug 29, 2005
  1. CURRENT THREAT W32/IRCbot.worm!MS05-039
    High Risk

    What is it?

    A fast-spreading Internet Relay Chat (IRC) bot worm affecting systems worldwide, W32/IRCbot.worm!MS05-039 exploits a recently announced Microsoft operating system vulnerability to spread and possibly help a remote hacker control an infected system.

    You can be infected simply by going online. Once infected, your system may continually reboot.

    What you can do

    make sure you have the latest virus definition updates installed and perating system patches.

    How do I know if I've been infected

    The virus copies itself to the Windows System directory (e.g. C:\Windows\System32\ on Windows XP) as WINTBP.EXE.

    The file can be run automatically by exploiting the MS05-039 vulnerability or by a user directly executing the worm.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...