My computer has a worm. What's next?
July 4, 2004 6:54 AM   Subscribe

My computer just got infected with a worm running under the names ifa32.exe and wingx32.exe. The net is ignorant of it, except for Sophos which says it has only been seen in the wild once. Should I tell anyone? Other than you guys, obviously...
posted by twine42 to Computers & Internet (3 answers total)
 
Absolutely. If you've been infected, chances areanother machine may be carrying it as well (as a host or otherwise).

It would be helpful if you could think of anything out of the ordinary -- programs downloaded, disks transferred, logins -- which may have infected your machine. If an ActiveX feature is suspect, chances are the script kiddies are taking advantage of the ADODB.Stream object bug recent (& recurring) concern.
posted by Smart Dalek at 7:47 AM on July 4, 2004


Mozilla only here, so no AcitveX. And I have no ideas of anything i've installed recently on any machine here, especially the only one that's show infection. Very very odd.

For the record, if anyone else gets it, you have to kill both files or the virus reappears. There's probably another files in there somewhere leaving some kind of backdoor, because switching off my firewall gives reinfection within about 20 minutes.

Guess I'll have to wait til the anti virus people catch up with it. Sophos is talking about waiting for an August update and the otehr guys don't seem to even admit it exists yet. *sigh*
posted by twine42 at 3:11 PM on July 4, 2004


They should have detected it.
A bit of detective work seems to imply that it could be w32.spybot.worm.
Likely cause of infection... mIRC or kazaa.
It could be that this is a new variant.
posted by seanyboy at 10:45 AM on July 5, 2004


« Older Who gave b irth to a triangle?   |   Mitigating Backache Newer »
This thread is closed to new comments.


Tags

Share