8 月
18
2005

VIRUS ALERT: W32/IRCbot.worm!MS05-039

:item2: What is it?

A fast-spreading Internet Relay Chat (IRC) bot worm

affecting systems worldwide, W32/IRCbot.worm!MS05-039

exploits a recently announced Microsoft operating system

vulnerability to spread and possibly help a remote hacker

control an infected system.

You can be infected simply by going online. Once infected,

your system may continually reboot.

:item2: How do I know if I’ve been infected?

The virus copies itself to the Windows System directory

(e.g. C:/Windows/System32 on Windows XP) as WINTBP.EXE.

The file can be run automatically by exploiting the

MS05-039 vulnerability or by a user directly executing

the worm.

Comments are closed.