|
|
|
Can't get rid of W32.IRCbot...
|
Original Message
|
Name: lufxx
Date: December 19, 2007 at 11:58:58 Pacific
Subject: Can't get rid of W32.IRCbot...OS: XP |
Comment: Heya, Our company has the W32.IRCbot virus. It's jumping from computer to computer. Starts out by crashing your machine (buffer overflow I'd imagine), when you reboot Symantec alerts you of a.bat being found. Also it alerts W32.IRCbot associated with "Devsvc.exe". I've removed the files, quarantined/deleted, removed registry keys, etc. If any1 has any ideas, please let me know. thanks,
~Luf.
Report Offensive Message For Removal
|
|
Response Number 3
|
Name: lufxx
Date: December 20, 2007 at 08:24:12 Pacific
Subject: Can't get rid of W32.IRCbot... |
Reply: (edit)Sorry, I should've clarified my problem better. I can get rid of the virus fine, my problem is how it propagates. It's spreading too fast. I can clean it fine, but it will be quickly reinfected by another machine with it. I read about the virus, and it writes to other computers via buffer overflow using an MS Security exploit. This exploit was patched back in 2005, so how is it spreading so rapidly? I want to avoid taking all the computers off the network if possible. thanks,
~Luf.
 Report Offensive Follow Up For Removal
|
|
Response Number 4
|
Name: Gamer
Date: December 20, 2007 at 13:11:17 Pacific
Subject: Can't get rid of W32.IRCbot... |
Reply: (edit)Quik question... Do you use a program call "mIRC"?
Im infected with the same virus, but my computer wont even start up.
I use mIRC. My anti-virus picked it up, but then, it did not delte it althogh, it should have. I suck at computers...
Report Offensive Follow Up For Removal
|
Use following form to reply to current message:
|
|
|
