:item2: What is it?
A fast-spreading Internet Relay Chat (IRC) bot worm
affecting systems worldwide, W32/IRCbot.worm!MS05-039
exploits a recently announced Microsoft operating system
vulnerability to spread and possibly help a remote hacker
control an infected system.
You can be infected simply by going online. Once infected,
your system may continually reboot.
:item2: How do I know if I’ve been infected?
The virus copies itself to the Windows System directory
(e.g. C:/Windows/System32 on Windows XP) as WINTBP.EXE.
The file can be run automatically by exploiting the
MS05-039 vulnerability or by a user directly executing