My computer has a worm. What's next?
July 4, 2004 6:54 AM Subscribe
My computer just got infected with a worm running under the names ifa32.exe and wingx32.exe. The net is ignorant of it, except for Sophos which says it has only been seen in the wild once. Should I tell anyone? Other than you guys, obviously...
Mozilla only here, so no AcitveX. And I have no ideas of anything i've installed recently on any machine here, especially the only one that's show infection. Very very odd.
For the record, if anyone else gets it, you have to kill both files or the virus reappears. There's probably another files in there somewhere leaving some kind of backdoor, because switching off my firewall gives reinfection within about 20 minutes.
Guess I'll have to wait til the anti virus people catch up with it. Sophos is talking about waiting for an August update and the otehr guys don't seem to even admit it exists yet. *sigh*
posted by twine42 at 3:11 PM on July 4, 2004
For the record, if anyone else gets it, you have to kill both files or the virus reappears. There's probably another files in there somewhere leaving some kind of backdoor, because switching off my firewall gives reinfection within about 20 minutes.
Guess I'll have to wait til the anti virus people catch up with it. Sophos is talking about waiting for an August update and the otehr guys don't seem to even admit it exists yet. *sigh*
posted by twine42 at 3:11 PM on July 4, 2004
They should have detected it.
A bit of detective work seems to imply that it could be w32.spybot.worm.
Likely cause of infection... mIRC or kazaa.
It could be that this is a new variant.
posted by seanyboy at 10:45 AM on July 5, 2004
A bit of detective work seems to imply that it could be w32.spybot.worm.
Likely cause of infection... mIRC or kazaa.
It could be that this is a new variant.
posted by seanyboy at 10:45 AM on July 5, 2004
This thread is closed to new comments.
It would be helpful if you could think of anything out of the ordinary -- programs downloaded, disks transferred, logins -- which may have infected your machine. If an ActiveX feature is suspect, chances are the script kiddies are taking advantage of the ADODB.Stream object bug recent (& recurring) concern.
posted by Smart Dalek at 7:47 AM on July 4, 2004